node-fetch <2.6.7 Severity: high node-fetch forwards secure headers to untrusted sites - https://github.com/advisories/GHSA-r683-j2x4-v87g fix available vianpm audit fix --force`
Will install react-native-calendar-strip@1.4.2, which is a breaking change
node_modules/isomorphic-fetch/node_modules/node-fetch
isomorphic-fetch 2.0.0 - 2.2.1
Depends on vulnerable versions of node-fetch
node_modules/isomorphic-fetch
fbjs 0.7.0 - 1.0.0
Depends on vulnerable versions of isomorphic-fetch
node_modules/recyclerlistview/node_modules/fbjs
prop-types 15.5.0-alpha.0 - 15.6.1
Depends on vulnerable versions of fbjs
node_modules/recyclerlistview/node_modules/prop-types
recyclerlistview <=4.0.1
Depends on vulnerable versions of prop-types
node_modules/recyclerlistview
react-native-calendar-strip >=2.0.0
Depends on vulnerable versions of recyclerlistview
node_modules/react-native-calendar-strip
Hi,
Can you fix your dependencies ?
node-fetch <2.6.7 Severity: high node-fetch forwards secure headers to untrusted sites - https://github.com/advisories/GHSA-r683-j2x4-v87g fix available vianpm audit fix --force` Will install react-native-calendar-strip@1.4.2, which is a breaking change node_modules/isomorphic-fetch/node_modules/node-fetch isomorphic-fetch 2.0.0 - 2.2.1 Depends on vulnerable versions of node-fetch node_modules/isomorphic-fetch fbjs 0.7.0 - 1.0.0 Depends on vulnerable versions of isomorphic-fetch node_modules/recyclerlistview/node_modules/fbjs prop-types 15.5.0-alpha.0 - 15.6.1 Depends on vulnerable versions of fbjs node_modules/recyclerlistview/node_modules/prop-types recyclerlistview <=4.0.1 Depends on vulnerable versions of prop-types node_modules/recyclerlistview react-native-calendar-strip >=2.0.0 Depends on vulnerable versions of recyclerlistview node_modules/react-native-calendar-strip6 high severity vulnerabilities `
to
PR : https://github.com/BugiDev/react-native-calendar-strip/pull/385
Thanks you