eslint-formatter-summary

The got package < 11.8.5 has a moderate security vulnerability

Open scottdickerson opened this issue 2 years ago • 3 comments

https://github.com/advisories/GHSA-pfrx-2q88-qq97

See details above

scottdickerson, Jun 28 '22 15:06

This is related to issue #36 and PR #37, since the vulnerable got package is a dependency of np.

yarn why v1.22.19
[1/4] 🤔  Why do we have the module "got"...?
[2/4] 🚚  Initialising dependency graph...
[3/4] 🔍  Finding dependency...
[4/4] 🚡  Calculating file sizes...
=> Found "[email protected]"
info Reasons this module exists
   - "eslint-formatter-summary#np#npm-name" depends on it
   - Hoisted from "eslint-formatter-summary#np#npm-name#got"
info Disk size without dependencies: "552KB"
info Disk size with unique dependencies: "2.94MB"
info Disk size with transitive dependencies: "8.59MB"
info Number of shared dependencies: 28
=> Found "package-json#[email protected]"
info This module exists because "eslint-formatter-summary#np#update-notifier#latest-version#package-json" depends on it.
info Disk size without dependencies: "140KB"
info Disk size with unique dependencies: "472KB"
info Disk size with transitive dependencies: "816KB"
info Number of shared dependencies: 22

mogsdad, Jul 13 '22 00:07
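The check done by eye in the `yarn why` output above can be scripted. This is an added example, not part of the thread or the project's code: the sample text, project name and versions are constructed, the function names are hypothetical, and the 11.8.5 threshold is the one stated in the issue title.

```javascript
// Constructed sample in the shape of `yarn why got` (yarn v1) output.
// The project name and both versions are made up, not taken from the thread.
const SAMPLE = `
=> Found "got@9.6.0"
info Reasons this module exists
   - "example-app#np#npm-name" depends on it
   - Hoisted from "example-app#np#npm-name#got"
info Disk size without dependencies: "552KB"
=> Found "package-json#got@11.8.5"
info This module exists because "example-app#np#update-notifier#latest-version#package-json" depends on it.
`;

// Threshold from the issue title: versions below 11.8.5 are affected.
const FIXED = "11.8.5";

// Compare plain x.y.z versions numerically (pre-release tags are not handled).
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return Math.sign(d);
  }
  return 0;
}

// Turn `yarn why` text into [{ version, chains }] for one package name.
function parseYarnWhy(text, pkg) {
  const found = [];
  let current = null;
  for (const line of text.split("\n")) {
    const hit = line.match(/^=> Found "(?:.*#)?(.+)@([^"@]+)"/);
    if (hit) {
      current = hit[1] === pkg ? { version: hit[2], chains: [] } : null;
      if (current) found.push(current);
      continue;
    }
    // "Hoisted from" lines do not match and are skipped.
    const dep = line.match(/"([^"]+)" depends on it/);
    if (dep && current) current.chains.push(dep[1].split("#"));
  }
  return found;
}

// Keep only copies below the fixed version, with the chain that pulls each in.
function vulnerableCopies(text, pkg, fixed) {
  return parseYarnWhy(text, pkg).filter((e) => compareVersions(e.version, fixed) < 0);
}

for (const e of vulnerableCopies(SAMPLE, "got", FIXED)) {
  console.log(`got@${e.version} via ${e.chains.map((c) => c.join(" > ")).join("; ")}`);
}
```

The printed chain names the direct dependency that has to be upgraded or replaced for the flagged copy to disappear.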

Thanks guys, I shall update this ASAP.

mhipszki, Aug 09 '22 16:08

@mhipszki @jaydp17 this issue can be closed by merging #37

joematthews, May 19 '23 21:05