Closed lohitakshgupta closed 1 year ago
Resolving xml2js Dependabot Alert: https://github.com/microsoft/azure-devops-extension-sample/security/dependabot/40
xml2js
I only added overrides in package.json and then ran npm install --package-lock-only
package.json
npm install --package-lock-only
Just a note that the reason for the big changes in package-lock.json is because we've moved to npm 8.15.0 so we can take advantage of the new overrides feature of package.json.
package-lock.json
overrides
Resolving
xml2js
Dependabot Alert: https://github.com/microsoft/azure-devops-extension-sample/security/dependabot/40I only added overrides in
package.json
and then rannpm install --package-lock-only