Closed ydekel6 closed 1 year ago
The module http-cache-semantics which is coming from make-fetch-happen > from npm@8.19.3 has a high CVE: https://github.com/advisories/GHSA-rc47-6667-2j5j
http-cache-semantics
make-fetch-happen
Need to either push to newer npm@8 or npm@9 version
There is no newer npm@8 version. I don't see why we need to be locked onto npm@8 either.
https://github.com/npm/cli/issues/6151
There is a new v8 version https://github.com/npm/cli/releases/tag/v8.19.4
this should no longer be a problem
The module
http-cache-semantics
which is coming frommake-fetch-happen
> from npm@8.19.3 has a high CVE: https://github.com/advisories/GHSA-rc47-6667-2j5jNeed to either push to newer npm@8 or npm@9 version