ericve25
commented
1 year ago @sartaj10 @pjm17971 this is ready for review. Would you be able to take a look here to see if this is mergeable to resolve the security vulnerability?
Open ericve25 opened 1 year ago
ericve25
commented
1 year ago @sartaj10 @pjm17971 this is ready for review. Would you be able to take a look here to see if this is mergeable to resolve the security vulnerability?
A critical security vulnerability in older versions of
loader-utilsis included in this project's current dependency tree. https://security.snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105 Updated all dependencies to latest minor/patch versions to mitigate this issue. Also removed devDependencydsv-loaderas it pinned a very old, vulnerable version ofloader-utilsand didn't seem to actually be used anywhere in the dev scripts. Tested all example pages locally in the website, and all appear working after this update.