    • Do I need to install xcpretty to work with HISE on MacOS?

      Hi all,

      How necessary is xcpretty for working with HISE on macOS?

      The reason I ask is because the Dependabot and Code Scanning tools on GitHub list several security issues with it. (You can fork the code and set them up under Security in GitHub to see them.)

      These are the Dependabot issues:

      Dependency Confusion in Bundler (High, Development)
      #1 opened 12 minutes ago • Detected in bundler (RubyGems) • xcpretty.gemspec

      Local Code Execution through Argument Injection via dash leading git url parameter in Gemfile. (Moderate, Development)
      #2 opened 12 minutes ago • Detected in bundler (RubyGems) • xcpretty.gemspec

      RuboCop gem Insecure use of /tmp (Low, Development)
      #3 opened 12 minutes ago • Detected in rubocop (RubyGems) • xcpretty.gemspec

      And these are the Code Scanning Issues:

      Inefficient regular expression (High)
      #10 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/parser.rb:58 • master

      Inefficient regular expression (High)
      #9 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/parser.rb:58 • master

      Polynomial regular expression used on uncontrolled data (High)
      #8 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/parser.rb:481 • master

      Polynomial regular expression used on uncontrolled data (High)
      #7 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/parser.rb:462 • master

      Polynomial regular expression used on uncontrolled data (High)
      #6 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/parser.rb:459 • master

      Polynomial regular expression used on uncontrolled data (High)
      #5 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/parser.rb:433 • master

      Polynomial regular expression used on uncontrolled data (High)
      #4 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/parser.rb:316 • master

      Polynomial regular expression used on uncontrolled data (High)
      #3 opened 12 minutes ago • Detected by CodeQL in lib/.../reporters/json_compilation_databas...:37 • master

      Polynomial regular expression used on uncontrolled data (High)
      #2 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/ansi.rb:61 • master

      Polynomial regular expression used on uncontrolled data (High)
      #1 opened 12 minutes ago • Detected by CodeQL in lib/xcpretty/ansi.rb:51

      TBH I don’t really know what those warnings mean but they have High severity warnings so they look scary.

      So, can I get away without using xcpretty?

      Thanks!

      posted in General Questions
      IsaacToast