Surnet / swagger-jsdoc

Generates swagger/openapi specification based on jsDoc comments and YAML files.
MIT License

Vulnerability with dependency yaml@2.0.0-1 #361

Closed ankit201206 closed 11 months ago

ankit201206 commented 1 year ago

There is a security vulnerability discovered with a deep-down dependency of yaml@2.0.0-1. It looks like this has been resolved with v2.2.2, so an upgrade of that dependency version to v2.2.2 seems to be in order.

daniloab commented 1 year ago

Hi @ankit201206, thanks.

Can you send a PR fixing it, please?

SuperBlahman commented 1 year ago

There's a PR already from the dependency bot - https://github.com/Surnet/swagger-jsdoc/pull/360

yaverin commented 1 year ago

@daniloab, hi! Please let us know: what is the ETA of the new version release with this fix?

daniloab commented 1 year ago

> @daniloab, hi! Please let us know: what is the ETA of the new version release with this fix?

We need a fix in the yaml 2.2.2 dependabot pull request. Can someone fix this for us, please? Or check why the tests are breaking it?

guy-microsoft commented 1 year ago

Vulnerability is still in there. Is there going to be a fix soon?

stale[bot] commented 11 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.