igniteui-cli icon indicating copy to clipboard operation
igniteui-cli copied to clipboard
verified publisher icon IgniteUI

bad dependency `mem`: Denial of Service in mem - https://github.com/advisories/GHSA-4xcv-9jjx-gfj3

Open ericop opened this issue 2 years ago • 0 comments

Description

NPM AUDIT is giving the following:

Denial of Service in mem - https://github.com/advisories/GHSA-4xcv-9jjx-gfj3 No fix available node_modules/mem os-locale 2.0.0 - 3.0.0 Depends on vulnerable versions of mem node_modules/os-locale yargs 8.0.0-candidate.0 - 12.0.5 Depends on vulnerable versions of os-locale Depends on vulnerable versions of yargs-parser node_modules/igniteui-cli/node_modules/yargs igniteui-cli * Depends on vulnerable versions of yargs node_modules/igniteui-cli

  • Ignite UI CLI version: "13.1.15"
  • Framework: Angular
  • Project type: ig-ts|igx-ts

Steps to reproduce

  1. Step 1: run npm audit

Result

dependencies on yargs > mem which is deprecated

Expected result

Update dependencies to maintained packages

Attachments

image

ericop avatar Apr 23 '24 13:04 ericop