Resolved Security Vulnerability of the original reap module https://www.npmjs.com/package/reap
Removed ms package vulnerability from https://github.com/visionmedia/reap
The original reap module's repo is not available. It seems to be deleted. But it has a vulnerability with its dependency ms. Vulnerability -> https://nodesecurity.io/advisories/46 The vulnerability in ms package was patched in versions > 7.0.0 but since the original repo is deleted I am upgrading ms and creating this new repository so that the packages dependent on reap are not affected.
FAQs
Resolved Security Vulnerability of the original reap module https://www.npmjs.com/package/reap
We found that reap2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
