We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mkdirp@0.5.1 depends on minimist@0.0.8 which has a HIGH NVD Vulnerability
Dependency listed here: https://github.com/serverless/serverless/blob/master/package.json#L193
See the attached doc: serverless-1.66.0-dependency-graph.txt To get this I did npm install -g npm-remote-ls then npm-remote-ls > file.txt
npm install -g npm-remote-ls
npm-remote-ls > file.txt
Vulnerability is listed here: https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
Can you update the mkdirp dependency to 1.0.0 or higher?
The text was updated successfully, but these errors were encountered:
@dmcquiston great thanks for report!
Unfortunatelly we cannot do it without dropping support for old Node.js versions, which is covered here: #7362
I've created one dedicated issue for that problem: #7486 (please follow it)
Hence I'm going to close it as duplicate
Sorry, something went wrong.
No branches or pull requests
mkdirp@0.5.1 depends on minimist@0.0.8 which has a HIGH NVD Vulnerability
Description
Dependency listed here: https://github.com/serverless/serverless/blob/master/package.json#L193
See the attached doc: serverless-1.66.0-dependency-graph.txt
To get this I did
npm install -g npm-remote-ls
thennpm-remote-ls > file.txt
Vulnerability is listed here: https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
Can you update the mkdirp dependency to 1.0.0 or higher?
The text was updated successfully, but these errors were encountered: