frederikprijck
commented
8 months ago Thanks 🚀
Closed joshiste closed 8 months ago
frederikprijck
commented
8 months ago Thanks 🚀
joshiste
commented
7 months ago @frederikprijck can we expect a release with this soonish?
frederikprijck
commented
7 months ago 👋 @joshiste, can you help me understand the need for a new release? We do not publish our lockfile, and the updates are to devDependencies for as far as I can tell, which is why I was planning to let this one release with one of the future releases, instead of cutting a release for this specifically.
Is any tool complaining of auth0-js having a vulnerable dependency or what's the reason for expecting a new release?
Especially CVE-2022-25883