Closed FantasticFiasco closed 5 years ago
Snyk also warns me about the dependency sspk of this package. Upgrade to version 1.14.2 or later to redeem this issue. Read the full description of the issue at https://app.snyk.io/vuln/npm:sshpk:20180409
I've worked around the issue by using the resolutions functionality of yarn. Package owner can close this issue if he or she wants.
I am indirectly referencing your package, and GitHub has warned me that your current package version is referencing a version of sshpk that has a security issue (for more information see NVD).
Would it be possible for you to update your dependency towards sshpk?