yo icon indicating copy to clipboard operation
yo copied to clipboard

Published 20 hours ago verified publisher icon yeoman

15 vulnerabilities when installing

Open Florian-Schoenherr opened this issue 2 years ago • 3 comments

after npm install, 15 vulnerabilities I see that some of the libs got updated a few weeks ago, but there was no release and there are still some PRs with dependency updates. I'll see if I can solve some of them?

Florian-Schoenherr avatar Dec 06 '21 20:12 Florian-Schoenherr

This is concerning, is there a plan to keep on top of security vulnerabilities in consumed packages? As @Florian-Schoenherr points out, the security issue relating to trim-newlines was fixed nearly three months ago now and no release has been made.

nijk avatar Feb 09 '22 09:02 nijk

Screenshot 2022-03-04 212921

It's been almost 3 months and there's still 15 vulnerabilities, I wanted to develop a few VS Code extensions (VS Code uses yo to create a new extension project), but I'm a little concerned after seeing 15 vulnerabilities and a few deprecated warnings

KTSnowy avatar Mar 05 '22 00:03 KTSnowy

I have same issue

kanlukasz avatar Mar 18 '22 09:03 kanlukasz