Closed snyk-bot closed 5 years ago
I can update the package.json
to solve this, but i will need run tests to make sure it won't break the code
Also, by curiosity, is packages like sshpk
even being used? Or they can be removed?
I will make a check to see which packages are truly needed
auto fixing vun. in Branch 3.0.0-nightly. this can be closed and deleted.
Description
This PR fixes one or more vulnerable packages in the
npm
dependencies of this project. See the Snyk test report for more details.Snyk Project: AminoJS/Amino.JS:package.json
Snyk Organization: AminoJS
Lockfile
If you are using
package-lock.json
oryarn.lock
, please re-lock your dependencies and push an updated lockfile before merging this PR.Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
You can read more about Snyk's upgrade and patch logic in Snyk's documentation.
Check the changes in this PR to ensure they won't cause issues with your project.
Stay secure, The Snyk team
Note: You are seeing this because you or someone else with access to this repository has authorised Snyk to open Fix PRs. To review the settings for this Snyk project please go to the project settings page.