New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remove rollup-plugin-livereload, use rollup-plugin-dev for autoreload #1304

Open

tusharpandey13 wants to merge 1 commit into main from security/ws

Contributor

tusharpandey13 commented Sep 15, 2024 •

edited

Loading

Changes

This PR attempts to fix the vulnerability highlighted in this dependabot report: ws affected by a DoS when handling a request with many HTTP headers

Changes:

removed rollup-plugin-livereload
used rollup-plugin-dev for live-reload functionality

References

See above
rollup-plugin-dev npm

Testing

This change adds unit test coverage
This change adds integration test coverage
This change has been tested on the latest version of the platform/language

Checklist

I have read the Auth0 general contribution guidelines
I have read the Auth0 Code of Conduct
All code quality tools/guidelines have been run/followed


          remove rollup-plugin-livereload, use rollup-plugin-dev for autoreload

11d0f0e

tusharpandey13 requested a review from a team as a code owner

September 15, 2024 15:57

gyaneshgouraw-okta approved these changes

View reviewed changes

Contributor

gyaneshgouraw-okta commented Sep 17, 2024

Hey @tusharpandey13,
Could you also please update the PR description to include information on how you’ve verified your changes?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet