Skip to content

Latest commit

 

History

History
16 lines (12 loc) · 914 Bytes

AUDIT.md

File metadata and controls

16 lines (12 loc) · 914 Bytes

This project uses npm audit to scan dependencies for vulnerabilities and automatically install any compatible updates to vulnerable dependencies. The security audit is also integrated into the project's CI pipeline via audit-ci command which fails the build if there is any vulnerability found. It is possible to ignore specific errors by whitelisting them in audit-ci config..

NPM audit whitelist

Whenever you whitelist a specific advisory it is required to refer it to here and justify the whitelisting.

Advisories

# Level Module Title Explanation
782 Moderate lodash Prototype Pollution truffle-artifactor dependency (requires major version update)
786 Low braces Regular Expression Denial of Service Solium dev dependency