Open MissaouiChedy opened 1 week ago
Were you able to resolve the vulnerabilities on your end and still update mssql to v11.0.0?
@Fatmoogle I am not sure I understand you correctly, but yes, I tried to npm audit fix + upgrade to mssql 11.0.0 but I get a dependency conflict.
Should I try to ignore the dependency conflict and test anyway?
Issue description
I am using TypeOrm 0.3.20 in a project with SQL Server.
npm audit is surfacing the following vulnerability related to @azure/identity:
It is possible to mitigate the issue by upgrading mssql to 11.0.x, however this causes a peer dependency conflict with typeorm 0.3.20.
What would be the ramifications of allowing mssql 11 as peer dependency in typeorm? I am open to contribute.
Expected Behavior
No peer dependency conflict with mssql 11.0.0
Actual Behavior
Peer dependency conflict with mssql 11.0.0
Steps to reproduce
In a sample project:
My Environment
Additional Context
Unfortunately, I was not able to follow the typeorm security policy as the support@typeorm.io e-mail is unreachable.
Relevant Database Driver(s)
Are you willing to resolve this issue by submitting a Pull Request?
Yes, I have the time, but I don't know how to start. I would need guidance.