New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update webpack-subresource-integrity library to the latest version #19564
Comments
@Michael-Ziluck, can you please indicate which Angular CLI version is effected?. I am not seeing any dependency on version 1.5.0 which is the version that the vulnerability was introduced based on GHSA-4fc4-chg7-h8gh |
#19188 was actually locked due to inactivity after it was closed by the original author. Per the advisory (GHSA-4fc4-chg7-h8gh), only version 1.5.0 is affected. No current stable version of the Angular CLI uses version 1.5.0 of the |
@clydin is right, I closed my issue after I found out that changes were already applied and were ready for the next release. |
Closing as per above. |
This issue has been automatically locked due to inactivity. Read more about our automatic conversation locking policy. This action has been performed automatically by a bot. |
Could you please update "webpack-subresource-integrity" library version in order to fix security vulnerability:
Vulnerable versions: < 1.5.1
Patched version: 1.5.1
References
waysact/webpack-subresource-integrity#131
This was also requested in #19188 by @ashkue but was closed due to inactivity.
The text was updated successfully, but these errors were encountered: