Bar Hofesh

icon indicating a website link https://brightsec.com icon indicating an email [email protected]

icon company @NeuraLegion icon location Israel icon location CTO at BrightSec (@NeuraLegion.) Security researcher, system architect and a programmer.

Results 93 comments of Bar Hofesh

build(deps): bump @fastify/session from 10.1.1 to 10.9.0

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [1da3e307\-fda0\-4cca\-8aba\-e3206e158654](https://deu.ast.checkmarx.net/projects/fcf6cc86-63a5-4d1e-97b1-b18e509aee92/scans?id=1da3e307-fda0-4cca-8aba-e3206e158654&branch=dependabot%2Fnpm_and_yarn%2Ffastify%2Fsession-10.9.0) ### New Issues Severity|Issue|Source File / Package|Checkmarx Insight ---|---|---|--- ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[CVE-2024-33883](https://devhub.checkmarx.com/cve-details/CVE-2024-33883)|Npm\-ejs\-2\.7\.4|[Vulnerable Package](https://deu.ast.checkmarx.net/sca/#/projects/fcf6cc86-63a5-4d1e-97b1-b18e509aee92/reports/1da3e307-fda0-4cca-8aba-e3206e158654/vulnerabilities/CVE-2024-33883%3ANpm-ejs-2.7.4/vulnerabilityDetails) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[CVE-2024-4067](https://devhub.checkmarx.com/cve-details/CVE-2024-4067)|Npm\-micromatch\-4\.0\.5|[Vulnerable Package](https://deu.ast.checkmarx.net/sca/#/projects/fcf6cc86-63a5-4d1e-97b1-b18e509aee92/reports/1da3e307-fda0-4cca-8aba-e3206e158654/vulnerabilities/CVE-2024-4067%3ANpm-micromatch-4.0.5/vulnerabilityDetails) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[CVE-2024-4067](https://devhub.checkmarx.com/cve-details/CVE-2024-4067)|Npm\-micromatch\-3\.1\.10|[Vulnerable Package](https://deu.ast.checkmarx.net/sca/#/projects/fcf6cc86-63a5-4d1e-97b1-b18e509aee92/reports/1da3e307-fda0-4cca-8aba-e3206e158654/vulnerabilities/CVE-2024-4067%3ANpm-micromatch-3.1.10/vulnerabilityDetails) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[CVE-2024-4067](https://devhub.checkmarx.com/cve-details/CVE-2024-4067)|Npm\-micromatch\-4\.0\.4|[Vulnerable Package](https://deu.ast.checkmarx.net/sca/#/projects/fcf6cc86-63a5-4d1e-97b1-b18e509aee92/reports/1da3e307-fda0-4cca-8aba-e3206e158654/vulnerabilities/CVE-2024-4067%3ANpm-micromatch-4.0.4/vulnerabilityDetails) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[CVE-2024-4068](https://devhub.checkmarx.com/cve-details/CVE-2024-4068)|Npm\-braces\-3\.0\.2|[Vulnerable Package](https://deu.ast.checkmarx.net/sca/#/projects/fcf6cc86-63a5-4d1e-97b1-b18e509aee92/reports/1da3e307-fda0-4cca-8aba-e3206e158654/vulnerabilities/CVE-2024-4068%3ANpm-braces-3.0.2/vulnerabilityDetails) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[CVE-2024-4068](https://devhub.checkmarx.com/cve-details/CVE-2024-4068)|Npm\-braces\-2\.3\.2|[Vulnerable...

build(deps): bump ejs and react-scripts in /public

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [a4e49c25\-285e\-4801\-a7d9\-d3ec8c609f1d](https://deu.ast.checkmarx.net/projects/fcf6cc86-63a5-4d1e-97b1-b18e509aee92/scans?id=a4e49c25-285e-4801-a7d9-d3ec8c609f1d&branch=dependabot%2Fnpm_and_yarn%2Fpublic%2Fmulti-f001b0b9fa) ### No New Or Fixed Issues Found

Covariance and contravariance

It also, for me at lest, feels like going away from the fun part of Crystal where you don't have to explicitly define types most of the times. starting to...