Closed dreamorosi closed 2 years ago
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.
Confirm by changing [ ] to [x] below to ensure that it's a bug:
Describe the bug
The SDK dependes on a vulnerable version of
minimist
(v1.2.5) which is affected by CVE-2021-44906. Could you please update & publish a new version of the SDK withminimist
updated to v1.2.6?As of now, projects that depend on the SDK will have the dependency flagged as vulnerable and this, in some cases, can block deployment pipelines.
SDK version number latest