- edited description
update deps due to sec vuln
Issue #79
invalid
Hi,
Could we update js-yaml dep due to a sec vuln.
I have raised an issue against json-schema-ref-parser
Cheers!
Comments (7)
-
Account Deleted reporter -
Account Deleted reporter - attached Screenshot 2019-03-22 at 12.11.24.png
- edited description
-
@YOU54F we already have declared our dependency like this:
"js-yaml": "^3.12.0"
And from your screen shot the fix is in 3.13.0 or higher, which will be picked up by our caret range. What more do you need us to do?
-
Account Deleted reporter Ahhh yes, you are correct on the fact that it will pick up that version, deleted my yarn lock file and reinstalled, yarn audit was fine after that :)
Thanks! I will marked as resolved
-
Account Deleted reporter Thanks Ben!
-
Account Deleted reporter - changed status to resolved
-
Account Deleted reporter - changed status to invalid
- Log in to comment