Closed dianekaplan closed 2 years ago
dependency chain: "@edx/frontend-build>webpack-dev-server>selfsigned>node-forge"
node-forge has a security vulnerability that's addressed in versions >=1.0.0.
This is fixed in webpack-dev-server version 4.7.3, but frontend-build currently uses webpack-dev-server 4.6.0. We need to update webpack-dev-server
I've submitted a pull request for this issue here: https://github.com/openedx/frontend-build/pull/234
This was resolved in https://github.com/openedx/frontend-build/pull/234 .
dependency chain: "@edx/frontend-build>webpack-dev-server>selfsigned>node-forge"
node-forge has a security vulnerability that's addressed in versions >=1.0.0.
This is fixed in webpack-dev-server version 4.7.3, but frontend-build currently uses webpack-dev-server 4.6.0. We need to update webpack-dev-server
I've submitted a pull request for this issue here: https://github.com/openedx/frontend-build/pull/234