npm audit showing vulnerabilities. #24

Open
swilson-vimly opened this issue Dec 19, 2023 · 0 comments
@swilson-vimly

npm audit is showing vulnerabilities that exist in the shelljs, yargs, and yargs-parser dependencies included.

# npm audit report

shelljs  <=0.8.4
Severity: high
Improper Privilege Management in shelljs - https://github.com/advisories/GHSA-64g7-mvw6-v9qj
Improper Privilege Management in shelljs - https://github.com/advisories/GHSA-4rq4-32rv-6wp6
No fix available
node_modules/shelljs
  recursive-install  *
  Depends on vulnerable versions of shelljs
  Depends on vulnerable versions of yargs
  node_modules/recursive-install

yargs-parser  <=5.0.0
Severity: moderate
yargs-parser Vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-p9pc-299p-vxgp
No fix available
node_modules/recursive-install/node_modules/yargs-parser
  yargs  4.0.0-alpha1 - 7.0.0-alpha.3 || 7.1.1
  Depends on vulnerable versions of yargs-parser
  node_modules/recursive-install/node_modules/yargs

4 vulnerabilities (3 moderate, 1 high)

I believe the issue is resolved; we just need to have a new version released with the updated dependencies.
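
The report above, traced programmatically: this is an added example, not part of the original issue or the project's code, showing how to walk the `via` links in `npm audit --json` output (report version 2) from a direct dependency down to the packages that carry the advisories. The function names `advisoryRoots` and `triage` are hypothetical, and the sample data is constructed from the report in this issue, assuming `recursive-install` is a direct dependency of the audited project.

```javascript
// Constructed sample, trimmed to the fields used here; it mirrors the report
// in this issue in the shape of `npm audit --json` (auditReportVersion 2).
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    shelljs: {
      isDirect: false, fixAvailable: false,
      via: [{ url: 'https://github.com/advisories/GHSA-64g7-mvw6-v9qj' },
            { url: 'https://github.com/advisories/GHSA-4rq4-32rv-6wp6' }],
    },
    'yargs-parser': {
      isDirect: false, fixAvailable: false,
      via: [{ url: 'https://github.com/advisories/GHSA-p9pc-299p-vxgp' }],
    },
    yargs: { isDirect: false, fixAvailable: false, via: ['yargs-parser'] },
    // Assumption: recursive-install is a direct dependency of the audited project.
    'recursive-install': { isDirect: true, fixAvailable: false, via: ['shelljs', 'yargs'] },
  },
};

// A string in `via` names another vulnerable package; an object is an
// advisory against the package itself. Follow strings until advisories appear.
function advisoryRoots(report, pkgName, seen = new Set()) {
  const roots = new Map(); // package name -> advisory URLs
  if (seen.has(pkgName)) return roots; // guard against dependency cycles
  seen.add(pkgName);
  const entry = report.vulnerabilities[pkgName];
  if (!entry) return roots;
  for (const via of entry.via) {
    if (typeof via === 'string') {
      for (const [name, urls] of advisoryRoots(report, via, seen)) roots.set(name, urls);
    } else {
      roots.set(pkgName, [...(roots.get(pkgName) || []), via.url]);
    }
  }
  return roots;
}

// For each direct dependency, list the packages whose advisories it inherits.
function triage(report) {
  return Object.entries(report.vulnerabilities)
    .filter(([, v]) => v.isDirect)
    .map(([name, v]) => ({
      direct: name, fixAvailable: Boolean(v.fixAvailable),
      roots: Object.fromEntries(advisoryRoots(report, name)),
    }));
}

console.log(JSON.stringify(triage(sampleReport), null, 2));
```

To run it against a real project, replace `sampleReport` with the parsed output of `npm audit --json`.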
