You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Note: uplifting of the all dependencies has not resolved a problem, npm audit fix doesn't help, snyk scanner also can't find any problems after uplifting all dependencies to the latest version. Anyway the CVE error exists in the docker image, it comes not from base image, but from "npm install" dockerfile step, so some dependency contains vulnerable version of the go lib.
Expected to wait updates from package.json dependencies to resolve the issue, since current latest versions do not resolve the issue.
The text was updated successfully, but these errors were encountered:
Expected Behavior
No CVE scanner errors
Current Behavior
https://github.com/networkservicemesh/deployments-k8s/security/code-scanning/40331
Failure Information (for bugs)
Note: uplifting of the all dependencies has not resolved a problem, npm audit fix doesn't help, snyk scanner also can't find any problems after uplifting all dependencies to the latest version. Anyway the CVE error exists in the docker image, it comes not from base image, but from "npm install" dockerfile step, so some dependency contains vulnerable version of the go lib.
Expected to wait updates from package.json dependencies to resolve the issue, since current latest versions do not resolve the issue.
The text was updated successfully, but these errors were encountered: