Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

chore: request #35871 Ignore lodash.pick CVE-2020-8203

Download Browse

It is a prototype pollution issue which is not really a problem for our context (used in gettext extraction pipeline of the Angular tooling). We cannot upgrade it because the whole tooling is outdated. `make scan-vuln-deps` should not complain about it anymore. Change-Id: Ief9385556e5c558c831c4fdd7027d0a12a5d2cc4

+5 −0
Thomas Gerbet (tgerbet) 2024-01-25 09:28
Thomas Gerbet (tgerbet) 2024-01-25 09:29
13627cdc3350ad2840a181978d4217f4d2793fb4
6652c1ca58fa25f371ad080193864937d55e861d
git #tuleap/stable/13627cdc3350ad2840a181978d4217f4d2793fb4

Modified Files

Side by side diff
Inline diff
Name
M tools/utils/osv-scanner/config.toml +5 −0 Go to diff View file