Hi, in version 3.1.2 a dependency on package "14" was introduced that causes an (very old) npm audit failure:
Low Regular Expression Denial of Service
Package clean-css
Patched in >=4.1.11
Dependency of cypress-ntlm-auth [dev]
Path cypress-ntlm-auth > 14 > gulp-minify-css > clean-css
More info https://npmjs.com/advisories/785
Given that both 14 and gulp-minify-css seem unmaintained, can this be fixed somehow in cypress-ntlm-auth?
Thanks for reporting this. The package 14 must have been added by mistake, it’s not used by the plug-in. I’m preparing a patched release where I clean up unused dependencies.
Hi, in version 3.1.2 a dependency on package "14" was introduced that causes an (very old) npm audit failure:
Given that both
14
andgulp-minify-css
seem unmaintained, can this be fixed somehow incypress-ntlm-auth
?