You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The pipeline security vulnerability checker fails since node-forge (v0.9.0) which is a dependency required by selfsigned (v1.10.7) is flagged to have to be of high vulnerability. Bumping the version of selfsigned to 1.10.8 should fix the issue.
For Bugs; How can we reproduce the behavior?
Run npx hawkeye scan --module node-npmaudit --show-code -f high in project if you use webpack-dev-server
For Features; What is the motivation and/or use-case for the feature?
Have compliant packages
The text was updated successfully, but these errors were encountered:
we prepare v4 and it was pumped, anyway you can update it locally, no need to do new release, just update deps (don't forget about lock file), it is why we use ^ in package.json
Operating System: macOS Catalina 10.15.6
Node Version: v12.16.1
NPM Version: 6.14.8
webpack Version: 4.44.1
webpack-dev-server Version: 3.11.0
Browser: Chrome
This is a modification request
Code
Expected Behavior
Pass security vulnerability test in pipeline
Actual Behavior
The pipeline security vulnerability checker fails since node-forge (v0.9.0) which is a dependency required by selfsigned (v1.10.7) is flagged to have to be of high vulnerability. Bumping the version of selfsigned to 1.10.8 should fix the issue.
For Bugs; How can we reproduce the behavior?
Run
npx hawkeye scan --module node-npmaudit --show-code -f high
in project if you usewebpack-dev-server
For Features; What is the motivation and/or use-case for the feature?
Have compliant packages
The text was updated successfully, but these errors were encountered: