Hi all, I’ve been wondering, whats the best way to fix GitHub security advisories on a sage project? I don’t even know what most of them are for, they are all nom packages. How does one go about updating the packages in a sage project to address the security issues?

In a vanilla Sage install you can probably safely ignore most of them: Sage out-of-the-box uses 90% of the npm packages it installs for the build process, and most security issues that GitHub flags have to do with scripts that are out in the wild interacting with users and servers–things the Sage sc…

Github security advisory

sage

strarsis September 14, 2020, 1:36pm 4

I recently made a little guide for this:

2 Likes