aruniverse
commented
2 years ago Please take a look at this discussion thread regarding security vulnerabilities on our fork here: https://github.com/iTwin/itwinjs-core/discussions/3397
Closed blackandwhitezephyr closed 2 years ago
aruniverse
commented
2 years ago Please take a look at this discussion thread regarding security vulnerabilities on our fork here: https://github.com/iTwin/itwinjs-core/discussions/3397
blackandwhitezephyr
commented
2 years ago Thank you @aruniverse. Closing this.
webpack-dev-server 3.x depends on selfsigned 1.x, which depends on node-forge^0.10.0, which has security vulnerabilities. See the fix for selfsigned: https://github.com/jfromaniello/selfsigned/issues/55 Need top bump the webpack-dev-server version to get the fixed version of selfsigned.