search

wcm-io-frontend / aem-clientlib-generator

Creates configuration files for AEM ClientLibs and synchronizes assets.
Apache License 2.0
62 stars 32 forks source link

High severity issues #44

Closed lbineau closed 2 years ago

lbineau commented 2 years ago

Dear developers,

I'd like to report a security issue with version 1.7.7 due to the usage of "a vulnerable version of async dependency".

image

npm audit fix --force would actually downgrade to version 1.4.1 which is not a good solution I believe.

Could you do another release upgrading the vulnerable dependencies?

Thank you.

ifahrentholz commented 2 years ago

Hi @lbineau, thx for your issue. I will update the dependency shortly.

ifahrentholz commented 2 years ago

The issue should be fixed with release v1.8.0 https://www.npmjs.com/package/aem-clientlib-generator

Regards

lbineau commented 2 years ago

Thanks a lot.