-
Notifications
You must be signed in to change notification settings - Fork 32
/
audit-ci.json
74 lines (74 loc) · 2.08 KB
/
audit-ci.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
{
"allowlist": [
{
"GHSA-pfrx-2q88-qq97": {
"active": true,
"notes": "requires upgrade to np@8.0.4, which is a breaking change",
"expiry": "4 January 2025"
}
},
{
"GHSA-c2qf-rxjj-qqgw": {
"active": true,
"notes": "requires lerna v7, which is a breaking change",
"expiry": "4 January 2025"
}
},
{
"GHSA-7fh5-64p2-3v2j": {
"active": true,
"notes": "requires upgrade to postcss v8.4.31, which doesn't align with the version used by @storybook/addon-postcss",
"expiry": "4 January 2025"
}
},
{
"GHSA-f5x3-32g6-xq36": {
"active": true,
"notes": "issue in 'tar' package used by '@lerna/legacy-package-management' v6.6.2 - no current fix",
"expiry": "4 January 2025"
}
},
{
"GHSA-grv7-fg5c-xmjg": {
"active": true,
"notes": "braces package has a vulnerability which is fixed in v3.0.3, but cannot currrently upgrade",
"expiry": "4 January 2025"
}
},
{
"GHSA-3h5v-q93c-6h6q": {
"active": true,
"notes": "ws package has a vulnerability but requires multiple package upgrades to fix",
"expiry": "4 January 2025"
}
},
{
"GHSA-952p-6rrq-rcjv": {
"active": true,
"notes": "issue in 'micromatch' package, we're currently on the highest version available so no fix",
"expiry": "4 January 2025"
}
},
{
"GHSA-m6fv-jmcg-4jfg": {
"active": true,
"notes": "issue in 'send' package within 'serve-static' package being v0.18.0, fix requires 0.19.0",
"expiry": "4 January 2025"
}
},
{
"GHSA-p6mc-m468-83gw": {
"active": true,
"notes": "issue in 'lodash.set' package use by '@cypress-audit/lighthouse>lighthouse' - no current fix",
"expiry": "4 January 2025"
}
},
{
"GHSA-3xgq-45jj-v275": {
"active": true,
"notes": "issue in 'cross-spawn' package - unable to upgrade currently",
"expiry": "4 January 2025"
}
}
]
}