Skip to content

Commit

Permalink
revert @jest/core. it is only needed as indirect dependency, and inst…
Browse files Browse the repository at this point in the history 
…alling it as a direct dependency raises an issue with snyk due to inflight missing resource after effective lifetime (see CWE-772: The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed. When a resource is not released after use, it can allow attackers to cause a denial of service.)
  • Loading branch information
@jhslater
jhslater committed Oct 22, 2024
1 parent ab3ce2a commit d639013
Show file tree
Hide file tree
Showing 2 changed files with 0 additions and 2 deletions.
1 change: 0 additions & 1 deletion package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 0 additions & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@
"@fortawesome/free-regular-svg-icons": "^6.5.2",
"@fortawesome/free-solid-svg-icons": "^6.5.2",
"@fortawesome/react-fontawesome": "^0.2.2",
"@jest/core": "^29.7.0",
"@opentelemetry/api": "^1.9.0",
"@opentelemetry/exporter-jaeger": "^1.25.1",
"@opentelemetry/exporter-metrics-otlp-proto": "^0.52.0",
Expand Down

0 comments on commit d639013

Please sign in to comment.