babel/traverse package version has been flagged with vulnerability

jest-community / jest-editor-support

A module for handling editor to jest integration

MIT License

28 stars 21 forks source link

babel/traverse package version has been flagged with vulnerability #111

Closed dbhowarth closed 1 year ago

dbhowarth commented 1 year ago

The version of @babel/traverse@7.20.10 has been flagged with vulnerability: https://security.snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462. This can cause problems for users that have security scans that run in their pipelines, also upgrading will remove the vulnerability.

Here is the code that is referencing the package: https://github.com/jest-community/jest-editor-support/blob/master/package.json#L65C16-L65C16

SimenB commented 1 year ago

It's in semver range, so you can update in your own project without anything needing to change here