use the latest version for component : v8:5.5.5

Question

use the latest version for component : v8:5.5.5

anurag92dash opened this issue 3 months ago · comments

Is your feature request related to a problem? If so, please describe.

my organization has security vulnerability tests before I deploy an opensource software.
while scanning dashy image, it was recommended to use the latest version for v8:5.5.5 --> 12.1.285.24
Can you please help me upgrade this component.

Describe the solution you'd like

update the Component: v8:5.5.5 -> to latest version 12.1.285.24

Priority

Medium (Would be very useful)

Is this something you would be keen to implement

Yes!

Alicia Bot · Answer 1 · Wed Apr 24 2024 12:38:48 GMT+0800 (China Standard Time)

If you're enjoying Dashy, consider dropping us a ⭐
_{🤖 I'm a bot, and this message was automated}

Alicia Sykes · Answer 2 · Sat May 11 2024 22:44:38 GMT+0800 (China Standard Time)

update the Component: v8:5.5.5 -> to latest version 12.1.285.24

Which library? (Component isn't included in Dashy).

Re the package vulnerabilities, I have gone through each and ensured none of them are actually exploitable vulnerabilities. Course most Node.js projects will have some kind of output from npm audit, and it looks scarier than it is.

But I also totally understand that many orgs don't let you deploy anything which includes a known vulnerbale package.

Alicia Bot · Answer 3 · Mon May 20 2024 09:24:50 GMT+0800 (China Standard Time)

Issue closed due to no response from user.