You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: ui/README.md
+15Lines changed: 15 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -43,4 +43,19 @@ git tag ui/1.0.12
43
43
git push origin ui/1.0.12
44
44
```
45
45
46
+
## Vulnerability issues
47
+
48
+
### Packages issues
49
+
Ways to resolve (ordered by preference):
50
+
1. Update a package - try to looking for a newer package in npm, probably this vulnerability are already fixed.
51
+
2. If vulnerability placed in a sub-package - try to replace it with [npm-force-resolutions](https://www.npmjs.com/package/npm-force-resolutions). Be careful using this way - it may break a project as in a build phase as at runtime. Recommended full e2e testing after replacing.
52
+
3. Fork the package and put it locally in this repo.
53
+
4. If you are sure this is a falsy vulnerability - try to ignore it using special commands for your SAST tool. **NOT RECOMMENDED**.
54
+
55
+
### Code issues
56
+
Ways to resolve (ordered by preference):
57
+
1. If the part of source code is written on `.js` try to rewrite it on `.ts` or `.tsx` - it will fix a lot of potential security issues.
58
+
2. Follow the recommendations of your SAST tool - fix it manually or automatically.
59
+
3. If you are sure this is a falsy vulnerability - try to ignore it using special commands for your SAST tool. **NOT RECOMMENDED**.
60
+
46
61
<!-- TODO: move this ^ to the main README.md and CONTRIBUTING.md -->
0 commit comments