You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our project is built with vue-js, and the dev dependency of vue-cli service has a required dependency called 'ssri'.
it currently uses 6.0.1 version while the updated version is 8.0.1.
This shows us a vulnerability alert on github saying:
We found potential security vulnerabilities in your dependencies.
Dependencies defined in these manifest files have known security vulnerabilities and should be updated.
it is important to mention that the vulnerable dependency is located in the package-lock.json file.
what can we do about it ?
The text was updated successfully, but these errors were encountered:
Version
5.0.0-alpha.8
Environment info
Steps to reproduce
Open a vue project with those dependencies and upload it to github:
Our project is built with vue-js, and the dev dependency of vue-cli service has a required dependency called 'ssri'.
it currently uses 6.0.1 version while the updated version is 8.0.1.
This shows us a vulnerability alert on github saying:
We found potential security vulnerabilities in your dependencies.
Dependencies defined in these manifest files have known security vulnerabilities and should be updated.
it is important to mention that the vulnerable dependency is located in the package-lock.json file.
what can we do about it ?
The text was updated successfully, but these errors were encountered: