storybook-deployer [Bug] Critical vulnerability in due to outdated dependency `git-url-parse`

[Bug] Critical vulnerability in due to outdated dependency `git-url-parse`

Open siminino opened this issue 2 years ago • 0 comments

Describe the bug

Critical vulnerability related to git-url-parse sub dependency parse-url. It is not possible to fix it in my projects by yarn resolutions since is related to major version upgrades containing Breaking Changes. To fix it, git-url-parse must be upgraded to version 12.

Obs: also high and moderate vulnerabilities are going to be fixed by this dependency upgrade.

Steps to reproduce the behaviour

clone repo;
run yarn;
run yarn audit;

Expected behaviour

No critical and high vulnerabilities.

Screenshots and/or logs

Environment

Node.js version: v16.13.1
NPM version: 8.1.2

Jul 15 '22 10:07 siminino

storybook-deployer storybook-deployer copied to clipboard

[Bug] Critical vulnerability in due to outdated dependency `git-url-parse`

Describe the bug

Steps to reproduce the behaviour

Expected behaviour

Screenshots and/or logs

Environment

storybook-deployer
storybook-deployer copied to clipboard