Skip to content

Commit

Permalink
feat: add a wrapper around @nx/js generator
Browse files Browse the repository at this point in the history
Wrapping some other libraries so we can easily create new vite libraries in one command.
  • Loading branch information
SimeonC committed Nov 2, 2023
1 parent 2913057 commit 979ce0e
Show file tree
Hide file tree
Showing 6 changed files with 732 additions and 0 deletions.
19 changes: 19 additions & 0 deletions auditjs.json
Original file line number Diff line number Diff line change
Expand Up @@ -1292,6 +1292,22 @@
"reference": "https://ossindex.sonatype.org/vulnerability/CVE-2023-44270?component-type=npm&component-name=postcss&utm_source=auditjs&utm_medium=integration&utm_content=4.0.41"
}
]
},
{
"coordinates": "pkg:npm/[email protected]",
"description": "adds node crypto signing for browsers",
"reference": "https://ossindex.sonatype.org/component/pkg:npm/[email protected]?utm_source=auditjs&utm_medium=integration&utm_content=4.0.41",
"vulnerabilities": [
{
"id": "CVE-2023-46234",
"title": "[CVE-2023-46234] CWE-347: Improper Verification of Cryptographic Signature",
"description": "browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.\n",
"cvssScore": 6.5,
"cvssVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"cve": "CVE-2023-46234",
"reference": "https://ossindex.sonatype.org/vulnerability/CVE-2023-46234?component-type=npm&component-name=browserify-sign&utm_source=auditjs&utm_medium=integration&utm_content=4.0.41"
}
]
}
],
"ignore": [
Expand Down Expand Up @@ -1522,6 +1538,9 @@
},
{
"id": "CVE-2023-44270"
},
{
"id": "CVE-2023-46234"
}
]
}
Loading

0 comments on commit 979ce0e

Please sign in to comment.