I have a project that uses @dolbyio/comms-uikit-react@1.3.1 (the latest version as of this writing) which has @voxeet/voxeet-web-sdk@3.11.0 (also the current version). When I preform an npm audit in my project, I get a report that voxeet-web-sdk references a vulnerable version of axios. There is more information about the axios vulnerability here: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx.
Are there plans to update this dependency to resolve this vulnerability?
I have a project that uses @dolbyio/comms-uikit-react@1.3.1 (the latest version as of this writing) which has @voxeet/voxeet-web-sdk@3.11.0 (also the current version). When I preform an
npm audit
in my project, I get a report that voxeet-web-sdk references a vulnerable version of axios. There is more information about the axios vulnerability here: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx.Are there plans to update this dependency to resolve this vulnerability?