Commit e2974f6
authored
fix(helpViewer): tls certificate validation disabled (#1702)
In src/helpViewer/cran.ts line 17, the code sets `process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'` to bypass TLS certificate verification. This creates a serious security vulnerability allowing man-in-the-middle attacks when fetching packages from CRAN mirrors.
Signed-off-by: tomaioo <203048277+tomaioo@users.noreply.github.com>1 parent eba52fc commit e2974f6
1 file changed
Lines changed: 0 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
25 | 25 | | |
26 | 26 | | |
27 | 27 | | |
28 | | - | |
29 | 28 | | |
30 | 29 | | |
31 | 30 | | |
32 | 31 | | |
33 | 32 | | |
34 | 33 | | |
35 | 34 | | |
36 | | - | |
37 | | - | |
38 | | - | |
39 | 35 | | |
40 | 36 | | |
41 | 37 | | |
| |||
0 commit comments