Open elliotmessi opened 2 years ago
When I use umi for project, and upload my code to github, github security panel will alert that immer's version is < 9.0.6, and take critical severity level. It's simple to resolve it by updating immer version in @umijs/plugin-dva package.
Same on my side.
npm installation / audit is showing exactly the same thing.
Multiple high and critical vulnerabilities are reported for the immer dependency.
When I use umi for project, and upload my code to github, github security panel will alert that immer's version is < 9.0.6, and take critical severity level. It's simple to resolve it by updating immer version in @umijs/plugin-dva package.