Latest version has vulnerable dependency

Open andreisaikouski opened this issue 2 years ago • 0 comments

as per npm audit using [email protected]

yargs-parser  <=5.0.0
Severity: moderate
yargs-parser Vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-p9pc-299p-vxgp
No fix available
node_modules/paperspace-node/node_modules/yargs-parser
  yargs  4.0.0-alpha1 - 7.0.0-alpha.3 || 7.1.1
  Depends on vulnerable versions of yargs-parser
  node_modules/paperspace-node/node_modules/yargs
    paperspace-node  *
    Depends on vulnerable versions of yargs
    node_modules/paperspace-node

May 29 '23 13:05 andreisaikouski