Closed RahulKalghatgi22 closed 11 months ago
Hi @samantharamon , \ Could you please help to take a look of this issue or involved in the area expert?
Thank you in advance.
We have an internal bug tracking this. The fix should be forth coming.
Updated package with fixes is published.
I am having an application which is using the updated version of office-addin-mock. In the component tree I see that the office-addin-mock is dependent on the semver (v5.7.1 - not a latest version). This dependency is causing a security issue.
Expected behavior
The security scan should pass the office-addin-mock.
Current behavior
I tried running a security scan on application and turns out that the office-addin-mock is pointing to semver@5.7.1 where it fails to pass the scan. I have tried downgrading the office-addin-mock version to 2.3.9 yet it is pointing to 5.7.1.
Steps to reproduce
Context
This is causing a security issue on an application.![office-addin-mock](https://github.com/OfficeDev/office-js/assets/139208945/d599d46a-7dca-4f5d-b708-d530fc2d02fb)