Skip to content

Latest commit

 

History

History
14 lines (11 loc) · 831 Bytes

AUDIT.md

File metadata and controls

14 lines (11 loc) · 831 Bytes

This project uses npm audit to scan dependencies for vulnerabilities and automatically install any compatible updates to vulnerable dependencies. The security audit is also integrated into the project's CI pipeline via audit-ci command which fails the build if there is any vulnerability found. It is possible to ignore specific errors by whitelisting them in audit-ci config..

NPM audit whitelist

Whenever you whitelist a specific advisory it is required to refer it here and justify the whitelisting.

Advisories

# Level Module Title Explanation
782 Moderate lodash Prototype Pollution Dev dependency, path: smart-contracts: > truffle-artifactor > lodash