npm audit returns 8 moderate severity vulnerabilities but all the fixes downgrade web-ext to 7.2.0. Those don't sound like vulnerabilities which can be ignored either, especially since web-ext is highly likely to be used with webpack which brings at least few hundred dependencies along baseline.
What is the expected or desired behavior?
Fixing audit problems without downgrading web-ext.
Is this a feature request or a bug?
Neither.
What is the current behavior?
npm audit
returns8 moderate severity vulnerabilities
but all the fixes downgradeweb-ext
to7.2.0
. Those don't sound like vulnerabilities which can be ignored either, especially sinceweb-ext
is highly likely to be used withwebpack
which brings at least few hundred dependencies along baseline.What is the expected or desired behavior?
Fixing audit problems without downgrading
web-ext
.Version information (for bug reports)