Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(tag): add shadow parts #11922

Merged
merged 1 commit into from
Jul 12, 2024

feat(tag): add shadow parts

b406448
Select commit
Loading
Failed to load commit list.
Merged

feat(tag): add shadow parts #11922

feat(tag): add shadow parts
b406448
Select commit
Loading
Failed to load commit list.
IBM Mend app / Mend Security Check failed Jul 12, 2024 in 2h 21m 21s

Security Report

2 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
MSC-2024-9045

Path to dependency file: /package.json

Path to vulnerable library: /.yarn/cache/wicg-inert-npm-3.1.2-786d525c4e-a726f5ca2d.zip

Dependency Hierarchy:

-> ibmdotcom-web-components-2.10.0-rc.0.tgz (Root Library)

   -> ❌ wicg-inert-3.1.2.tgz (Vulnerable Library)

Critical 9.8 wicg-inert-3.1.2.tgz #11907
CVE-2024-37890

Path to dependency file: /package.json

Path to vulnerable library: /.yarn/cache/ws-npm-8.17.0-05fb441faf-5e1dcb0ae7.zip

Dependency Hierarchy:

-> ibmdotcom-utilities-2.10.0-rc.0.tgz (Root Library)

   -> isomorphic-dompurify-0.27.0.tgz

     -> jsdom-21.1.2.tgz

       -> ❌ ws-8.17.0.tgz (Vulnerable Library)

High 7.5 ws-8.17.0.tgz Upgrade to version: ws - 5.2.4,6.2.3,7.5.10,8.17.1 None

Base branch total remaining vulnerabilities: 8
Base branch commit: ff7aa9e8b25633aad38a61c7bc1bb784c42740f8


Total libraries scanned: 328

Scan token: 65637e10950c495786c5dfdfaf644293

View more details on IBM Mend app