Open tapegram opened 3 days ago
It seems the a recent version (>5) of graphql-config does not have this dependency chain anymore, and it was already updated in https://github.com/dimaMachina/graphql-eslint/commit/296f700de147f2e5d218cfbf03921a7f41944764 so a fresh release of @graphql-eslint/eslint-plugin
would already resolve the issue, I think.
@dimaMachina What are the plans for a new release? The last release was almost a year ago.
Issue workflow progress
Progress of the issue based on the Contributor Workflow
[ ] 1. The issue provides a reproduction available on GitHub, Stackblitz or CodeSandbox
[ ] 2. A failing test has been provided
[ ] 3. A local solution has been provided
[ ] 4. A pull request is pending review
Describe the bug
Dependabot is reporting a transitive dependency needs updating:
It would be great if graphql-eslint could update its dependencies on graphql-tools once they release their updates.
They updated their version of
ws
in the last week:https://github.com/ardatan/graphql-tools/pull/6273
To Reproduce Steps to reproduce the behavior:
Expected behavior
No more vulnerability in transitive dependencies!
Thanks!