Closed 0Steve0 closed 4 years ago
Thanks. Please note that the DAP is not an npm module but just a JSON schema. Using this schema does not add any dependencies.
@0Steve0 where do you see the security alert? I cannot find any dependency on mkdirp ^0.5.1.
it's vscode-debugadapter(1.38) that depends on mkdirp(0.5.1) which using minimist(0.0.8).
Debug adapter protocol depends on mkdirp ^0.5.1, which has dependency on minimist 0.0.8. Recently, there is a securtiy vulnerability found in minisist 0.0.8, please refer to VS Code April 2020 for more details