Github is now telling me I've got security vulnerabilities when I do a "nikola github_deploy".

[T. Kurt Bond]

Github is now telling me I've got security vulnerabilities when I do a "nikola github_deploy".

Here's the message I got:

remote: GitHub found 4 vulnerabilities on tkurtbond/tkurtbond.github.io's default branch (1 high, 3 moderate). To find out more, visit:

remote:      <a url i've omitted>

Anybody have any idea what I should do about this?

--

T. Kurt Bond, tkur...@gmail.com, https://tkurtbond.github.io

[T. Kurt Bond]

A little more information: I'm using bootblog-jinja, which inherits from bootstrap3-jinja, which is what includes jquery.min.* comes from.

[Chris Warrick]

Those "vulnerabilities" are caused by jQuery 1.x being used by
bootstrap3-jinja, and jQuery 1.x isn’t supported anymore. I wouldn't
really consider those vulnerabilities important for a typical Nikola
site. You could try to upgrade jQuery for your site, although I think
that jQuery 3 might be too new for some components that bootstrap3
uses. You can also disable the warnings on GitHub.

--
Chris Warrick <https://chriswarrick.com/>
PGP: 5EAAEA16

[T. Kurt Bond]

Thanks for the information.

--
You received this message because you are subscribed to the Google Groups "nikola-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nikola-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nikola-discuss/CAMw%2Bj7JYVkvkQaXdzMm5ceZ5DP3WCwcEQnrxOv9BokH%3Df%2B5-sw%40mail.gmail.com.