This repository has been archived by the owner on Aug 25, 2021. It is now read-only.
Security issue with dependency - minimist #375
Assignees
Labels
kind/improvement
An improvement to existing feature and code.
tech/typescript
Issue for tech TypeScript.
Milestone
Comments
pantharshit00
added
kind/improvement
janpio
added
tech/typescript
Jolg42
added a commit
to prisma/prisma
that referenced
this issue
Apr 22, 2020
|
So the issue in the dependencies referenced in @prisma/sdk was coming from the package @apexearth/copy
It is now fixed 😄 There is one more place were this low vulnerability can be found but it's in a devDependency bahmutov/snap-shot-it#514 we'll wait for an update there but this should not be a security issue for you. @madebysid will also update dependencies in Studio |
|
I've bumped up all dependencies in Studio as well now. |
|
Ok so I will close this once the latest version of Studio is included then! |
|
The latest version of studio is now in alpha so I will close this 😃 It will be in the next beta. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hi. When installing the latest version of migrate (tried both preview024 and the latest alpha release), I get security issues relating to prisma's dependency (or rather the studio-server) minimist (Screenshot below). You may want to consider updating the dependency. Thanks.
PS: This is affecting not just this package, but many other packages as well like kafka-node, eslint, etc. Some other issues similar to this here:
eslint/eslint#13050
handlebars-lang/handlebars.js#1661
The text was updated successfully, but these errors were encountered: