Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

A package is vulnerable to Exposure of Sensitive Information #8204

Merged
merged 1 commit into from
Feb 28, 2022
Merged

A package is vulnerable to Exposure of Sensitive Information #8204

merged 1 commit into from
Feb 28, 2022

Conversation

bhaskarvilles
Copy link
Contributor

node-fetch is to an unauthorised Actor

upgrade to node-fetch npm package

…nauthorized Actor

upgrade to node-fetch npm package
@bhaskarvilles bhaskarvilles requested a review from a team as a code owner February 28, 2022 07:11
@magik6k magik6k merged commit f9900ba into filecoin-project:master Feb 28, 2022
@bhaskarvilles
Copy link
Contributor Author

@magik6k any bounty regarding this fix ?

@silvianetobessa
Copy link

Hello @bhaskarvilles!

This contribution to the Filecoin codebase was voted as impactful during Q1 and is eligible for a FIL prize as part of a Protocol Labs experiment to reward open source contributions from the community (see full details here).

Please reach out to us through [email protected] to receive the instructions on how to claim your reward!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants