Closed haddigan closed 2 years ago
I created a new version today with updated dependencies. For swagger-ui-dist I updated not to v4 which would be a kind of breaking change but to the latest 3.52.2.
My plan for future versions is to exclude swagger-ui-dist as a direct dependency.
Dependabot is reporting a vulnerability in the
swagger-ui-dist
version used by this package:The
swagger-ui-dist
package is listed in the greenkeeper ignore section of the package.json for this project. Is it absolutely necessary to continue using this insecure version or is it possible to update to the latest4.1.3
?