Current State from active vulnerabilitys

I am new to Parse and have looked at the Github repository.
I noticed that the current build has some issues and marked vulnerabilities, 2 with high severity. One of them is a year old.
Do these affect the usability of Parse Server or are they no longer important?

I am trying to understand larger projects like parse-server, so I appreciate any answers.

The failing build badges are somewhat misleading. We have some flaky tests in our test suite so if one of them randomly fails the badge will show “failing”. That doesn’t meant that there are issues with the product but rather with the tests.

Of the 2 high severity vulnerabilities, one is related to the Parse Server push adapter, which needs to be looked at. The other one is related to the GraphQL API. If you aren’t using GraphQL, then this should not affect you. In fact, we plan to move the GraphQL adapter out of Parse Server because this is also somewhat misleading.

1 Like