search

nuxt-modules / supabase

Supabase module for Nuxt.
https://supabase.nuxtjs.org
MIT License
698 stars 126 forks source link

Depends on vulnerable versions of cookie #426

Open avi-agg opened 1 week ago

avi-agg commented 1 week ago

npm audit report

cookie <0.7.0 cookie accepts cookie name, path, and domain with out of bounds characters - https://github.com/advisories/GHSA-pxg6-pf52-xh8x fix available via npm audit fix --force Will install @nuxtjs/supabase@1.2.2, which is a breaking change node_modules/cookie @supabase/ssr * Depends on vulnerable versions of cookie node_modules/@supabase/ssr @nuxtjs/supabase >=1.3.1 Depends on vulnerable versions of @supabase/ssr node_modules/@nuxtjs/supabase

3 low severity vulnerabilities

To address all issues (including breaking changes), run: npm audit fix --force

avi-agg commented 5 days ago

Could someone provide a solution for this issue? I am managing a production website.

avi-agg commented 1 hour ago

Is this repo still active?

@larbish @atinux @danielroe

Please help me!