ECDSA signature reported as invalid by NPM

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Works as Designed
    • Priority: Critical - P2
    • None
    • Affects Version/s: 6.4.0
    • Component/s: Security
    • 2
    • Not Needed
    • None
    • Hide

      1. What would you like to communicate to the user about this feature?
      2. Would you like the user to see examples of the syntax and/or executable code and its output?
      3. Which versions of the driver/connector does this apply to?

      Show
      1. What would you like to communicate to the user about this feature? 2. Would you like the user to see examples of the syntax and/or executable code and its output? 3. Which versions of the driver/connector does this apply to?
    • None
    • None
    • None
    • None
    • None
    • None

      Use Case

      `npm audit signatures` fails due to invalid attestation from `bson` & `mongodb`

      User Impact

      • I need to disable the command, therefore cannot validate. Also I'm not sure if the package as effectively be corrupted

       

        1. Screenshot 2024-03-01 at 12.27.01.png
          Screenshot 2024-03-01 at 12.27.01.png
          1.12 MB

              Assignee:
              Durran Jordan
              Reporter:
              Moroine Bentefrit
              None
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: