This allows us to restrict the version of transitive dependencies which is not achievable by plain npm. Hence, to give an example we're restricting the version of lodash in here which fixes the critical vulnerability and for the future npm vulnerabilities as well.
PS. This upgrade has inadvertently fix the other vulnerabilities as well.
This allows us to restrict the version of transitive dependencies which is not achievable by plain npm. Hence, to give an example we're restricting the version of
lodashin here which fixes thecritical vulnerabilityand for the future npm vulnerabilities as well.PS. This upgrade has inadvertently fix the other vulnerabilities as well.