Security issues with popular package managers

Created on 13 March 2022, almost 3 years ago
Updated 15 June 2023, over 1 year ago

I just came across this article:

https://amp.thehackernews.com/thn/2022/03/multiple-security-flaws-discovered-in.html

As it says Composer has chosen to ignore this, and as I find nothing in the way of patches or additional information, and as Composer and NPM are major players in the whole of Drupal, I wanted to see if anyone has any additional information relating to keeping Drupal secure, in light of this article.

🌱 Plan
Status

Closed: outdated

Version

9.5

Component
Composer  β†’

Last updated 5 days ago

No maintainer
Created by

πŸ‡ΊπŸ‡ΈUnited States BEGRAFX Laconia, New Hampshire

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024