shamas
commented
3 days ago Any updates on this? It's kind of annoying because the npm audit --fix installs a very outdated version of this package
Open bcgilliom opened 9 months ago
shamas
commented
3 days ago Any updates on this? It's kind of annoying because the npm audit --fix installs a very outdated version of this package
It seems the guidance is to no longer use the individual imports (they are basically deprecated) the security issue is fixed in the main package as of 4.17.19, but I think the individual packages (like
pick) didn't get repacked on npm?https://github.com/advisories/GHSA-p6mc-m468-83gw
https://github.com/lodash/lodash/issues/5809