generator-react-sdk icon indicating copy to clipboard operation
generator-react-sdk copied to clipboard

Published 20 hours ago verified publisher icon asyncapi

Update dependencies.

Open holomekc opened this issue 1 year ago • 2 comments

Security issues:

@babel/traverse

  • CVE-2023-45133 (Critical, Fixed in 7.23.2)

@babel/core

  • json5
    • CVE-2022-46175 (High, Fixed in 2.2.2)

There are some very old dependencies used by asyncapi. E.g. babel/core is 3 years old.

Can you please update the dependencies? I know it is used for code generation, but still.

holomekc avatar Feb 20 '24 21:02 holomekc

Welcome to AsyncAPI. Thanks a lot for reporting your first issue. Please check out our contributors guide and the instructions about a basic recommended setup useful for opening a pull request.
Keep in mind there are also other channels you can use to interact with AsyncAPI community. For more details check out this issue.

github-actions[bot] avatar Feb 20 '24 21:02 github-actions[bot]

@holomekc feel free to provide a PR happy review it ✌️

jonaslagoni avatar Feb 21 '24 08:02 jonaslagoni