Skip to content
This repository has been archived by the owner on Aug 18, 2023. It is now read-only.

Security issues in packages #94

Open
AX-LLaidley opened this issue Jun 9, 2021 · 2 comments
Open

Security issues in packages #94

AX-LLaidley opened this issue Jun 9, 2021 · 2 comments

Comments

@AX-LLaidley
Copy link

There are many security issues in the dependencies of @redocly/[email protected] that I can't seem to fix using Yarn or NPM due to those tools being unable to resolve the dependency tree. Yarn reports 52 overall vulnerabilities, with 15 being deemed high risk. NPM reports 86 vulnerabilities (61 moderate, 25 high).

Any chance we can get the dependencies brought up to date to help resolve these issues? Thanks in advance.
eresolve-report692021.txt
@RomanHotsiy
Copy link
Member

Hi @AX-LLaidley,

Thanks for your report. Could you please specify the version of npm and yarn you use.

Thanks!

@AX-LLaidley
Copy link
Author

Hi @RomanHotsiy,

I'm using npm 7.15.1 and yarn 1.22.10. I only tried using npm to see if I could use npm audit fix to update the packages. But it's having problems resolving dependencies now, which is most likely due to me trying to update packages manually and it not working correctly.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@RomanHotsiy @AX-LLaidley