Open Bug 1959123 Opened 22 days ago Updated 15 days ago

Outdated dependencies in browsertime

Categories

(Testing :: Raptor, defect, P2)

Product:
Testing
Component:
Raptor
Type:
defect

Tracking

(Not tracked)

Status:
UNCONFIRMED

People

(Reporter: uncleruc2075, Unassigned)

References

Details

(Whiteboard: [fxp])

Attachments

(1 file)

Снимок экрана (6).png
57.47 KB, image/png
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Steps to reproduce:

there is a package
https://searchfox.org/mozilla-central/source/tools/browsertime/package.json

Actual results:

and it has vulnerabilities and it is outdated
the screenshot shows which packages have vulnerabilities, why use them in general?
It's logical to update to the latest versions, because you never know what might happen

Expected results:

Shouldn't there be an update to new versions because using old versions that are vulnerable is not safe

Component: Untriaged → Raptor
Product: Firefox → Testing
Summary: Updating dependencies → Outdated dependencies in browsertime
Version: other → unspecified
Severity: -- → S3
Priority: -- → P2
Whiteboard: [fxp]
Flags: sec-bounty?
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: