I vote +1:
* Verified Archive
* Verified Tags
* Ran NPM Audit (see notes)
* Unit tests runs successfully locally
NPM audit reports:
json5 <2.2.2
Severity: high
Prototype Pollution in JSON5 via Parse Method -
https://github.com/advisories/GHSA-9c47-m6qq-7p4h
This comes from a sub development
I vote +1:
* Verified Archive
* Verified Tags
* Ran NPM Audit (see notes)
* Unit tests runs locally with 1 error (See notes)
NPM audit reports:
json5 <2.2.2
Severity: high
Prototype Pollution in JSON5 via Parse Method -
https://github.com/advisories/GHSA-9c47-m6qq-7p4h
This comes from a sub
As mentioned in the vote thread,
I created a issue with a detailed explanation on the failing test, which
can be viewed at
https://github.com/apache/cordova-lib/issues/906
If you're curious or suspicious when casting your vote, then hopefully
those details can ease your mind.
On 2022-12-21
