Using outdated dependency flags dependency confusion attack [PR available]

## Expected Behavior
Prior to v1.9.0, `acorn-import-attributes` (then called `acorn-import-assertions`) used an implicit/not fully qualified reference to a dependency (`test262`).

This causes security scanning tools to flag a possible dependency confusion attack.

## Actual Behavior
No security warning

## Steps to Reproduce the Problem

  1. Run security scan (e.g. Orca) on code using this repo 

## Specifications

  - Version: 1.7.3
  - Platform: (all)
  - Subsystem: (all)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Using outdated dependency flags dependency confusion attack [PR available] #71

Expected Behavior

Actual Behavior

Steps to Reproduce the Problem

Specifications

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Using outdated dependency flags dependency confusion attack [PR available] #71

Description

Expected Behavior

Actual Behavior

Steps to Reproduce the Problem

Specifications

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions