Open ddbhagat opened 3 years ago
Getting below vulnerability for apollo-datasource-graphql@^1.3.2
apollo-datasource-graphql@^1.3.2
┌──────────────────────────────────────────────────────────────────────────────┐ │ Manual Review │ │ Some vulnerabilities require your attention to resolve │ │ │ │ Visit https://go.npm.me/audit-guide for additional guidance │ └──────────────────────────────────────────────────────────────────────────────┘ ┌───────────────┬──────────────────────────────────────────────────────────────┐ │ Low │ Denial of Service │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Package │ node-fetch │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Patched in │ >=2.6.1 <3.0.0-beta.1|| >= 3.0.0-beta.9 │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ apollo-datasource-graphql │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ apollo-datasource-graphql > isomorphic-fetch > node-fetch │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://npmjs.com/advisories/1556 │ └───────────────┴──────────────────────────────────────────────────────────────┘ found 1 low severity vulnerability in 322 scanned packages 1 vulnerability requires manual review. See the full report for details.```
@evancorl - will you be able to update the security vulnerability?
Getting below vulnerability for
apollo-datasource-graphql@^1.3.2