This repository has been archived by the owner on Dec 9, 2023. It is now read-only.
Update dependencies to avoid vulnerabilities #32
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Dependencies were last updated three years ago.
The dependencies need to be updated to avoid vulnerabilities in their older versions.
One example is
better-ajv-errors, which is set to0.6.7, but there is a prototype pollution vulnerability in one of their dependencies for<= 0.8.1. The latest version is1.2.0.The text was updated successfully, but these errors were encountered: