[BUG]: v4.2.2 Has Security Vulnerabilities #375

secondmanveran · 2023-08-07T19:19:28Z

What is the expected and current behavior?
Inkline dependencies should install without vulnerabilities.
Steps to reproduce
Clone repository, run npm install
Please tell us about your environment:
- v4.2.2
- macOS 13.14.1

got package has vulnerabilities:

got  <11.8.5
Severity: moderate
Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97
fix available via `npm audit fix --force`
Will install np@8.0.4, which is a breaking change
node_modules/got
node_modules/package-json/node_modules/got
  npm-name  <=6.0.1
  Depends on vulnerable versions of got
  node_modules/npm-name
    np  2.2.0 - 7.7.0
    Depends on vulnerable versions of npm-name
    Depends on vulnerable versions of update-notifier
    node_modules/np
  package-json  <=6.5.0
  Depends on vulnerable versions of got
  node_modules/package-json
    latest-version  0.2.0 - 5.1.0
    Depends on vulnerable versions of package-json
    node_modules/latest-version
      update-notifier  0.2.0 - 5.1.0
      Depends on vulnerable versions of latest-version
      node_modules/update-notifier

6 moderate severity vulnerabilities

The text was updated successfully, but these errors were encountered:

secondmanveran added the bug Issues that represent a bug. label Aug 7, 2023

secondmanveran changed the title ~~v4.2.2 Has Security Vulnerabilities~~ [BUG]: v4.2.2 Has Security Vulnerabilities Aug 7, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG]: v4.2.2 Has Security Vulnerabilities #375

[BUG]: v4.2.2 Has Security Vulnerabilities #375

secondmanveran commented Aug 7, 2023

[BUG]: v4.2.2 Has Security Vulnerabilities #375

[BUG]: v4.2.2 Has Security Vulnerabilities #375

Comments

secondmanveran commented Aug 7, 2023