egorfine 3 days ago

Then you probably have over a dozen CVEs in your code. Now, it is a different question whether they are exploitable and how much of a risk it is.

Other than that, you now probably have an insurmountable technical debt, and upgrading the dependencies is a project in itself.

All the above applies to the JavaScript world, of course. It's much different for the rest.

gslepak 3 days ago | parent | next [-]

> Then you probably have over a dozen CVEs in your code.

We continuously monitor our dependencies for CVEs and update them if necessary. Most of the time the CVEs that are reported are not relevant / worth updating for.

yread 3 days ago | parent | prev | next [-]

   content-security-policy: default-src 'self';
(and not sending crypto transactions): No need to worry about CVEs in js

1718627440 3 days ago | parent | prev [-]

If a library introduces CVEs per day, it's probably not so good to begin with.