You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
All other packages and their dependencies have updated to a non-vulnerable version of minimist. However, npm audit still reports a vulnerability since eslint-config-next depends on v2.4.0 of eslint-import-resolver-typescript. The dependency has been updated in v2.6.0 (See: import-js/eslint-import-resolver-typescript#98)
Expected Behavior
Update the eslint-import-resolver-typescript dependency in
This closed issue has been automatically locked because it had no new activity for a month. If you are running into a similar issue, please create a new issue with the steps to reproduce. Thank you.
Verify canary release
Provide environment information
What browser are you using? (if relevant)
No response
How are you deploying your application? (if relevant)
No response
Describe the Bug
The minimist package has a security vulnerability in versions <=1.2.5.
npm audit
reports the following dependency path:eslint-config-next > eslint-import-resolver-typescript > tsconfig-paths > json5 > minimist
All other packages and their dependencies have updated to a non-vulnerable version of minimist. However,
npm audit
still reports a vulnerability sinceeslint-config-next
depends on v2.4.0 ofeslint-import-resolver-typescript
. The dependency has been updated in v2.6.0 (See: import-js/eslint-import-resolver-typescript#98)Expected Behavior
Update the
eslint-import-resolver-typescript
dependency innext.js/packages/eslint-config-next/package.json
Line 16 in 3069d4b
To Reproduce
Install
eslint-config-next
and runnpm audit
The text was updated successfully, but these errors were encountered: