Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Severity Vulnerabilities #78

Closed
qgan7125 opened this issue Jun 24, 2022 · 1 comment
Closed

Severity Vulnerabilities #78

qgan7125 opened this issue Jun 24, 2022 · 1 comment
Assignees
@datadavev @dannymandel @hyunssong

Comments

@qgan7125
Copy link
Contributor

For our current react app, we still have severity vulnerabilities caused by one dependency [email protected] of craco-cesium. I tried to update subdependency glob-parent from v3 to v5 in the package.json, which didn't work. copy-webpack-plugin v6 could solve this issue but copy-webpack-plugin v6 is a breaking change version and our other dependencies still need v5, so we could not update copy-webpack-plugin directly. The Github issue for this severity vulnerability: hanford/next-offline#275.
Screen Shot 2022-06-24 at 1 28 23 PM
@qgan7125
Copy link
Contributor Author

Update: the reason to cause the severity vulnerabilities is the package-lock.json file.
Solved: delete package-lock.json and npm i

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@datadavev datadavev

@dannymandel dannymandel

@hyunssong hyunssong

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@datadavev @dannymandel @qgan7125 @hyunssong