fetch-metadata icon indicating copy to clipboard operation
fetch-metadata copied to clipboard

Published 20 hours ago verified publisher icon dependabot

Adds multiple path matching

Open timothy-humphrey opened this issue 1 year ago • 1 comments

Covers situations where vulnerableManifestPath does not include a directory.

Example: Dependency Names = nth-check, @svgr/webpack Directory = "/nth-check-and-svgr" Package Ecosystem = npm_and_yarn vulnerableManifestFilename = "package-lock.json" vulnerableManifestPath = "package-lock.json" ghsa-id = GHSA-rp65-9cf3-cjxr cvss = 7.5

timothy-humphrey avatar May 24 '23 21:05 timothy-humphrey

@timothy-humphrey is this ready to go? I recall it was on my TODO list to review it, and then I got busy with other things... circling back, but surprised to see it's now a draft?

jeffwidman avatar Jul 15 '23 20:07 jeffwidman