Closed wesley3295 closed 2 days ago
I believe there might be some confusion here.
The vulnerability was in the formio library not formio.js.
I believe there might be some confusion here.
The vulnerability was in the formio library not formio.js.
I'm a dummy thank you
Describe the bug There is 3 critical vulnerabilities regarding vm2 and yes there is a audit fix but it involves reverting back to formio version 4.2.0. My company is currently using version ^5.0.0-rc.30.
Version/Branch ^5.0.0-rc.30
To Reproduce npm i with version ^5.0.0-rc.30
Expected behavior no vulnerabilities
Screenshots![image](https://github.com/formio/formio.js/assets/67900324/8025fb22-5175-4897-84cf-82b6d3fc4a49)
Is there a workaround that doesn't involve breaking changes?