Vulnerabilities in the Dependabot alerts
Closed this issue · 1 comments
beatrizsmerino commented
Hi! I need help to remove these annoying security alerts on the dependencies.
I would like to upgrade the packages to a stable version.
Security Alerts:
- ansi-regex
- nth-check
- set-value
- ansi-html
Many of these alerts indicate this to me:
⚠ Dependabot cannot update set-value to a non-vulnerable version
I don't know if I should:
- update the stable version you indicate me, manually in the
package-lock.json
file. - Install it as a dependency so that it appears in the
package.json
file withnpm install
. - Search for a more stable version of the package or its dependencies.
I appreciate any PR and advice
beatrizsmerino commented