Low-severity vulnerability in @quasar/app-vite 2.4.0 dependency chain (tmp: GHSA-52f5-9888-hmc6) #18115
Closed
Unanswered
CasperRademaker-AbOvo
asked this question in
General - Components / Directives / etc
Low-severity vulnerability in @quasar/app-vite 2.4.0 dependency chain (tmp: GHSA-52f5-9888-hmc6)
#18115
Replies: 1 comment
-
|
This seems to be resolved along the way |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
@quasar/app-vite current latest (2.4.0) depends indirectly on tmp 0.0.33 which has this vulnerability: GHSA-52f5-9888-hmc6
See dependency chain at https://npmgraph.js.org/?q=%40quasar%2Fapp-vite%402.4.0
Although Quasar is not necessarily subject to this vulnerability, is there any roadmap to upgrading the dependency chain to more up-to-date versions so that vulnerability audits don't get triggered on this?
Beta Was this translation helpful? Give feedback.
All reactions