Security Vulnerability on loader-utils
Closed this issue · 0 comments
fbosquet-azpn commented
Recent vulnerability scan shows that the color-tables project is vunerable to this Prototype Pollution issue
https://security.snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105
The loader-utils package is actually pull by the @storybook/addons-storysource
We don't have yet a new version of addons-storysource.
However, I think we could still fix it in the production version because we should only have dev dependency to storybook.