We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug Importing the entirety of lodash triggers security tooling such as sonatype, see e.g. critical vulnerability sonatype-2019-0467.
To Reproduce Use assets-webpack-plugin
assets-webpack-plugin
Expected behavior Only the parts of lodash that are actually used are included in the package.json
package.json
Desktop (please complete the following information):
The text was updated successfully, but these errors were encountered:
Successfully merging a pull request may close this issue.
Describe the bug
Importing the entirety of lodash triggers security tooling such as sonatype, see e.g. critical vulnerability sonatype-2019-0467.
To Reproduce
Use
assets-webpack-pluginExpected behavior
Only the parts of lodash that are actually used are included in the
package.jsonWebpack Config
Desktop (please complete the following information):
The text was updated successfully, but these errors were encountered: