loader Utils Dependabot alerts in github for version below 3.2.1

bholloway / resolve-url-loader

Webpack loader that resolves relative paths in url() statements based on the original source file

563 stars 71 forks source link

loader Utils Dependabot alerts in github for version below 3.2.1 #231

Open anjaneyuludesu opened 1 year ago

dppanteon commented 1 year ago

loader-utils stable version is 3.2.1 which has dependency on JSON5 2.2.1 which resolves the Published Vulnerabilities https://github.com/advisories/GHSA-9c47-m6qq-7p4h (OSSINDEX) . This vulnerability was because of JSON5 2.1.2.

Request resolution for the same is to upgrade loader-utils to 3.2.1