Vulnerability of URL-PARSE dependency #98
Description
This is a dependency vulnerability report:
Github dependabot notified me that this package uses a vulnerable release for URL-parse.
Please check the compatibility with minimum version 1.5.0.
Thanks
Alert:
Dependabot cannot update url-parse to a non-vulnerable version
The latest possible version that can be installed is 1.4.7 because of the following conflicting dependency:
[email protected] requires [email protected]
The earliest fixed version is 1.5.0.