search

IgniteUI / igniteui-cli

Ignite UI Command-Line Interface by Infragistics
https://bit.ly/2L19rhp
MIT License
118 stars 4 forks source link

bad dependency `mem`: Denial of Service in mem - https://github.com/advisories/GHSA-4xcv-9jjx-gfj3 #1246

Closed ericop closed 3 months ago

ericop commented 5 months ago

Description

NPM AUDIT is giving the following:

Denial of Service in mem - https://github.com/advisories/GHSA-4xcv-9jjx-gfj3 No fix available node_modules/mem os-locale 2.0.0 - 3.0.0 Depends on vulnerable versions of mem node_modules/os-locale yargs 8.0.0-candidate.0 - 12.0.5 Depends on vulnerable versions of os-locale Depends on vulnerable versions of yargs-parser node_modules/igniteui-cli/node_modules/yargs igniteui-cli * Depends on vulnerable versions of yargs node_modules/igniteui-cli

Steps to reproduce

  1. Step 1: run npm audit

Result

dependencies on yargs > mem which is deprecated

Expected result

Update dependencies to maintained packages

Attachments

image
github-actions[bot] commented 3 months ago

There has been no recent activity and this issue has been marked inactive.