I hope this message finds you well. I am reaching out to address a significant security concern within the Visual Studio Code extension, specifically related to one of its dependencies.
Upon review, I have identified a critical vulnerability associated with the open package, version 0.0.5, which is currently being used in this extension. The vulnerability details are as follows:
Hello,
I hope this message finds you well. I am reaching out to address a significant security concern within the Visual Studio Code extension, specifically related to one of its dependencies.
Upon review, I have identified a critical vulnerability associated with the open package, version 0.0.5, which is currently being used in this extension. The vulnerability details are as follows:
Are there any plans to update the open dependency to a more secure version to address this vulnerability?
Looking forward to your response and any guidance you can provide on how best to proceed with resolving this issue.
Thank you for your time and attention to this matter.