chai-properties uses older version of lodash that has vulnerability #17
Comments
|
@vbardales Can you please make this change ? |
myme
pushed a commit
to myme/jsxapi
that referenced
this issue
Aug 19, 2019
chai-properties has a very outdated dependency on lodash (~3.x.y). This version is insecure. The issue has been raised to the maintainer, but hasn't been addressed: vbardales/chai-properties#17
myme
pushed a commit
to myme/jsxapi
that referenced
this issue
Aug 19, 2019
chai-properties has a very outdated dependency on lodash (~3.x.y). This version is insecure. The issue has been raised to the maintainer, but hasn't been addressed: vbardales/chai-properties#17
myme
pushed a commit
to myme/jsxapi
that referenced
this issue
Aug 19, 2019
chai-properties has a very outdated dependency on lodash (~3.x.y). This version is insecure. The issue has been raised to the maintainer, but hasn't been addressed: vbardales/chai-properties#17
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
chai-propertiesmodule is using the lodash's older version which is having vulnerability issue.I tried raising a PR for the same. But I don't have access to create a branch in this repo.
Can we please have this change in
package.json?The text was updated successfully, but these errors were encountered: