starred/bambuddy
1
0
Fork 0
mirror of https://github.com/maziggy/bambuddy.git synced 2026-05-09 05:35:30 +02:00
Code Issues 41 Projects Packages Wiki Activity

[GH-ISSUE #467] Security Alert: 3 npm vulnerabilities found #291

New issue
Closed
opened 2026-05-06 12:27:57 +02:00 by BreizhHardware · 1 comment
BreizhHardware commented 2026-05-06 12:27:57 +02:00
Owner
Copy link

Originally created by @github-actions[bot] on GitHub (Feb 20, 2026).
Original GitHub issue: https://github.com/maziggy/bambuddy/issues/467

Automated Security Audit Results

The weekly security audit found vulnerabilities in npm dependencies.

Package Severity Via Fix
minimatch high minimatch Yes
npm high minimatch, tar Yes
tar high tar Yes

Recommended Actions

  1. Review each vulnerability: npm audit
  2. Auto-fix if possible: npm audit fix
  3. Manual fix for breaking changes: npm audit fix --force (review changes!)
  4. Close this issue when resolved

This issue was automatically created by the security audit workflow.

Originally created by @github-actions[bot] on GitHub (Feb 20, 2026). Original GitHub issue: https://github.com/maziggy/bambuddy/issues/467 ## Automated Security Audit Results The weekly security audit found vulnerabilities in npm dependencies. | Package | Severity | Via | Fix | |---------|----------|-----|-----| | minimatch | high | minimatch | Yes | | npm | high | minimatch, tar | Yes | | tar | high | tar | Yes | ### Recommended Actions 1. Review each vulnerability: `npm audit` 2. Auto-fix if possible: `npm audit fix` 3. Manual fix for breaking changes: `npm audit fix --force` (review changes!) 4. Close this issue when resolved --- *This issue was automatically created by the security audit workflow.*
BreizhHardware commented 2026-05-06 12:27:58 +02:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Feb 20, 2026):

All npm production vulnerabilities have been resolved. Closing automatically.

<!-- gh-comment-id:3936374322 --> @github-actions[bot] commented on GitHub (Feb 20, 2026): All npm production vulnerabilities have been resolved. Closing automatically.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
github-repo-stats
bug-report-assets
dev
0.2.4b3
0.2.4b2
0.2.4b1
pr/1114
0.2.3.2
0.2.3.1
0.2.3
0.2.3b3
0.2.3b2
0.2.3b1
0.2.2.2
0.2.2.1
0.2.2b3
0.2.2
0.2.2b2
0.2.2b1
0.2.1.1
0.2.1
0.2.1b3
0.2.1b2
0.2.1b
0.2.0
0.2.0b
0.1.5-2-ctrl
v0.2.4b4-daily.20260508
v0.2.4b2
v0.2.4b3
v0.2.4b1
v0.2.3.2
v0.2.3.1
v0.2.3
v0.2.3b3
v0.2.3b2
v0.2.3b1-daily.20260407
v0.2.3b1
v0.2.2.2
v0.2.2.1
v0.2.3b1-daily.20260318
v0.2.3b1-daily.20260317
v0.2.3b1-daily.20260316
v0.2.2
v0.2.2b4-daily.20260314
v0.2.2b4-daily.20260313
v0.2.2b3-daily.20260312
v0.2.2b3-1
v0.2.2b2
v0.2.2-b2
v0.2.2b3
v0.2.2-b1
v0.2.2b1
v0.2.1.1
v0.2.1
v0.2.1b3
v0.2.1b2
v0.2.1b
v0.2.0
v0.1.9
v0.1.8.1
v0.1.8
v0.1.7
v0.1.6.2
v0.1.6.1
v0.1.6-hotfix
v0.1.6
v0.1.6b11
v0.1.6b10
v0.1.6b9
v0.1.6b8
v0.1.6b7
v0.1.6b6
v0.1.6b5
v0.1.6b4
v0.1.6b3
v0.1.6b2
v0.1.6b
v0.1.5-final
v0.1.5b7
v0.1.5b6
v0.1.5b5
v0.1.5b4
v0.1.5b3
v0.1.5b2
v0.1.5b
v0.1.4
v0.1.3
v0.1.2-bugfix
v0.1.2-final
v0.1.2
0.1.1
Labels
Clear labels   
A1

   
automated

   
automated

   
bug

   
bug

   
Closed due to inactivity

   
contrib

   
dependencies

   
dependencies

   
duplicate

   
enhancement

   
feedback

   
hold

   
invalid

   
Notes

   
P1S

   
pull-request
Mirrored from GitHub Pull Request

  
security

   
security

   
ThumbsUp

   
user-report

   
wontfix
No labels
A1
automated
automated
bug
bug
Closed due to inactivity
contrib
dependencies
dependencies
duplicate
enhancement
feedback
hold
invalid
Notes
P1S
pull-request
security
security
ThumbsUp
user-report
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/bambuddy#291
No description provided.