Open BernhardMaier opened 3 years ago
Security issue is caused by gulp 4.0.2
and can't be fixed until gulp
is updated.
See https://www.npmjs.com/package/gulp for more infos.
gulp@4.0.2 is using cache-based and union-value and they are using set-value:
gulp@4.0.2 requires set-value@^2.0.0 via a transitive dependency on cache-base@1.0.1
gulp@4.0.2 requires set-value@^2.0.1 via a transitive dependency on union-value@1.0.1
Both projects already have issues and pull request addressing and fixing the security vulnerability:
Currently no issue in https://github.com/gulpjs/gulp/issues related to this vulnerability.
Small updates: