horusec-vscode-plugin
horusec-vscode-plugin copied to clipboard
ZupIT
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command. Now you can usage extension for vscode.
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [webpack](https://redirect.github.com/webpack/webpack) | [`5.65.0` -> `5.94.0`](https://renovatebot.com/diffs/npm/webpack/5.65.0/5.94.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/)...
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "renovate[bot] avatar"){kind=avatar}
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220114011407-0dd24b26b47d to 0.17.0. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. Release notes Sourced from word-wrap's releases. 1.2.4 What's Changed Remove default indent by @mohd-akram in jonschlinkert/word-wrap#24 🔒fix: CVE 2023 26115 (2) by @OlafConijn in...
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | |---|---| | minimist | [`1.2.5` -> `1.2.6`](https://renovatebot.com/diffs/npm/minimist/1.2.5/1.2.6) | ### GitHub Vulnerability Alerts #### [CVE-2021-44906](https://nvd.nist.gov/vuln/detail/CVE-2021-44906) Minimist prior to...
Bumps [webpack](https://github.com/webpack/webpack) from 5.65.0 to 5.76.0. Release notes Sourced from webpack's releases. v5.76.0 Bugfixes Avoid cross-realm object access by @Jack-Works in webpack/webpack#16500 Improve hash performance via conditional initialization by @lvivski...
Bumps [nanoid](https://github.com/ai/nanoid) to 3.3.1 and updates ancestor dependency [mocha](https://github.com/mochajs/mocha). These dependencies need to be updated together. Updates `nanoid` from 3.1.25 to 3.3.1 Changelog Sourced from nanoid's changelog. 3.3.1 Reduced package...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.0.0-20220112180741-5e0467b6c7ce to 0.1.0. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [minimist](https://github.com/minimistjs/minimist) from 1.2.5 to 1.2.8. Changelog Sourced from minimist's changelog. v1.2.8 - 2023-02-09 Merged [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17) [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12) [Fix]...
Bumps [terser](https://github.com/terser/terser) from 5.10.0 to 5.14.2. Changelog Sourced from terser's changelog. v5.14.2 Security fix for RegExps that should not be evaluated (regexp DDOS) Source maps improvements (#1211) Performance improvements in...
This pull request adds the SECURITY Policies documentation.
