storyblok-cli

Dependabot issues when making a project with the CLI as a package.

Open SebbeJohansson opened this issue 2 years ago • 4 comments

Current behavior:

"Command injection in git-clone" and "Got allows a redirect to a UNIX socket" High and Moderate warnings from Dependabot when using storyblok-cli.

Expected behavior:

I expect there to not be any Dependabot alerts when using the CLI.

Steps to reproduce:

Install the CLI in a project. Upload project to GitHub.

https://github.com/SebbeJohansson/Vrtx.ContentSystem/security/dependabot/9

https://github.com/SebbeJohansson/Vrtx.ContentSystem/security/dependabot/8

Related code: https://github.com/SebbeJohansson/Vrtx.ContentSystem/

SebbeJohansson, Dec 22 '22 20:12