You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When installing this package I get and audit report with 3 high vulnerabilities:
$ npm audit
High Prototype Pollution
Package lodash
Patched in >=4.17.11
Dependency of deps-ok
Path deps-ok > lodash
More info https://npmjs.com/advisories/782
High Prototype Pollution
Package lodash
Patched in >=4.17.12
Dependency of deps-ok
Path deps-ok > lodash
More info https://npmjs.com/advisories/1065
Low Prototype Pollution
Package lodash
Patched in >=4.17.19
Dependency of deps-ok
Path deps-ok > lodash
More info https://npmjs.com/advisories/1523
High Command Injection
Package lodash
Patched in >=4.17.21
Dependency of deps-ok
Path deps-ok > lodash
More info https://npmjs.com/advisories/1673
Low Prototype Pollution
Package minimist
Patched in >=0.2.1 <1.0.0 || >=1.2.3
Dependency of deps-ok
Path deps-ok > minimist
More info https://npmjs.com/advisories/1179
found 5 vulnerabilities (2 low, 3 high) in 13 scanned packages
These vulnerabilities are meaningless in a dev dependency like this, but still I'd like to get rid of them because it makes it harder to spot other important ones.
Any chance of releasing an updated version?
The text was updated successfully, but these errors were encountered:
When installing this package I get and audit report with 3 high vulnerabilities:
These vulnerabilities are meaningless in a dev dependency like this, but still I'd like to get rid of them because it makes it harder to spot other important ones.
Any chance of releasing an updated version?
The text was updated successfully, but these errors were encountered: