Skip to content

Commit

Permalink
chore: Temporarily ignore advisory
Browse files Browse the repository at this point in the history 
The advisory GHSA-593m-55hh-j8gv has been
temporarily ignored, just for v12.4.x. This is resolved by a dependency
update in v12.5.0, but the update included too many functional changes,
so we deemed it too risky to backport in this release.

The impact is expected to be negligable due to our use of LavaMoat and
SES lockdown.
  • Loading branch information
@Gudahtt
Gudahtt committed Oct 7, 2024
1 parent fabf62d commit 7f8938d
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions .yarnrc.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,12 @@ npmAuditIgnoreAdvisories:
# not appear to be used.
- 1092461

# Issue: Sentry SDK Prototype Pollution gadget in JavaScript SDKs
# URL: https://github.com/advisories/GHSA-593m-55hh-j8gv
# Not easily fixed in this version, will be fixed in v12.5.0
# Minimally effects the extension due to usage of LavaMoat + SES lockdown.
- 1099832

# Temp fix for https://github.com/MetaMask/metamask-extension/pull/16920 for the sake of 11.7.1 hotfix
# This will be removed in this ticket https://github.com/MetaMask/metamask-extension/issues/22299
- 'ts-custom-error (deprecation)'
Expand Down

0 comments on commit 7f8938d

Please sign in to comment.