Closed limitedmage closed 4 years ago
Even we are facing the exact same issue. Please do let us know how we can fix it.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
When installing LESS via NPM, it seems to install version 6.3.0 of Acorn inside
node_modules/less/packages/less/node_modules/acorn
which has a security vulnerability: https://www.npmjs.com/advisories/1488This is tripping our internal security checks. Is there a way to fix it? This doesn't seem to be installed via normal NPM dependency chain and does not show up in
npm list
ornpm audit
.