Securing your Workflows Course - No vulnerable dependencies

drewgoodfellow · May 26, 2020, 5:10pm

Hello,

I’m attempting to find my repo’s vulnerabilities according to these instructions:

Click the Insights tab in your repository.
On the left hand navigation bar, click Dependency graph.
Scroll down until you see a yellow bar highlighting the dependency named debug, and click on the right hand side of the yellow debug section.
Take note of the suggested version.
Comment in this issue with the suggested update version.

However, I do not see any vulnerabilities! See photo below.

I was expecting visionmedia/debug to have a yellow bar. Have I done something wrong?

Thank you in advance.

lmkeston · May 23, 2020, 6:03am

Hello Drew. We have corrected this issue. You may need to de-register and restart the course to see the correction. Please let me know if you continue to encounter this issue. Thank you!

drewgoodfellow · May 23, 2020, 6:03am

Hello,

It works perfectly now. Thank you so much.

saahithhegde · August 31, 2020, 1:05am

Hello,
I am getting the same issue.

ruizhexr · September 11, 2020, 9:28am

Same issue here. I don’t see any yellow bar.

PawlakMarek · December 21, 2020, 10:57am

It seems it’s still an issue.
Even though version is shown as 2.6.8 (lesser than in original issue), github doesn’t show it as vulnerable.

Catweazel1 · December 26, 2020, 3:16pm

This Issue still doen’t seem to be resolved. I have de-registered and re-registered several times now, still not able to see vulnerabilities. Not sure if this is now elsewhere now or not.

lmkeston · December 31, 2020, 3:05pm

Hello all,
This course was recently updated to use the default branch name “main” instead of “master”. When you re-registered, did you delete your repo? If not, can you try that and let me know if this resolves the issue?
Thanks,
Lia