Upgrade tough-cookie to a non vulnerable version.
The upgrade to cypress 12.x.xshould solve some of the vulnerability issues in this alert. Might need to find an
alternative to yo; upgraded to 4.3.1,the LSV, but that still uses a vulnerable version of tough-cookie. Node-sass, also depends on vulnerable version, our node upgrade and migration from node-sass should help to partially resolve this issue.
Description
Upgrade
tough-cookie
to a non vulnerable version. The upgrade tocypress 12.x.x
should solve some of the vulnerability issues in this alert. Might need to find an alternative toyo
; upgraded to 4.3.1,the LSV, but that still uses a vulnerable version oftough-cookie
.Node-sass
, also depends on vulnerable version, our node upgrade and migration fromnode-sass
should help to partially resolve this issue.Dependabot Alert:
https://github.com/department-of-veterans-affairs/vets-website/security/dependabot/118