Comments (3)
You may want to read: https://overreacted.io/npm-audit-broken-by-design/
Npm's security reporting is broken. We do take security very seriously, ofc, but many 'vulns' are often not exploitable unless an attacker has full access to your machine already, and then you have bigger problems. (Or has performed a supply chain attack with a ton of misdirection, which again, bigger problems!)
from ember.js.
You may want to read: https://overreacted.io/npm-audit-broken-by-design/
Npm's security reporting is broken. We do take security very seriously, ofc, but many 'vulns' are often not exploitable unless an attacker has full access to your machine already, and then you have bigger problems. (Or has performed a supply chain attack with a ton of misdirection, which again, bigger problems!)
thank you!
from ember.js.
Going to close this as well explained.
from ember.js.
Related Issues (20)
- How do you tell a getter to only invalidate if the _value_ changes, rather than the tracked references accessed invalidate (for any reason) HOT 1
- [Bug] application.inject undefined for dependency injection from initializer HOT 4
- [Bug] "func is not a function" rendering helper HOT 1
- [Bug] 5.6: ember-template-compiler cannot used Application.initializer, as it could not be a function, and also: <...>.Test is undefined HOT 4
- [Bug] `#in-element` cannot directly render in to shadow-dom HOT 2
- [Bug] declarative ShadowDOM is unable to have content rendered in to it
- [Bug] in-element cannot render into a document-fragment
- [Quest]: Proper ShadowDOM support
- [Bug] DX: due to destruction happening "at any time" / asynchronously, we cannot ergonomically use a conditional `on` modifier (aka conditional `on` modifiers are not possible if the condition goes from true to true)) HOT 2
- [Feature] Swappable renderer HOT 4
- [Bug] Regression in 5.6.0 concerning auto-tracking HOT 2
- [Bug] Key-pair not treated as identity in #each over a Map HOT 2
- Debug render tree tests are not running in specified CI build
- [Bug] Cannot use router.isActive, without first calling router.urlFor
- [Question] : Ember JS in existing nodejs mobile HOT 3
- Refactor the rendering test suite to test against both strict mode and resolution mode
- Remove `@ember/runloop` in test blueprints
- Breaking change in 5.9 beta: `with` keyword HOT 5
- [Bug] Transition to same route without parameters creates error `Uncaught TypeError: routeInfos[(routeInfoLength - 1)] is undefined` when a `queryParam` has default value `null` HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ember.js.