NPM High vulnerability on async dependency
alanperezg-iweb opened this issue · 3 comments
alanperezg-iweb commented
Detailed Description
npm audit report reported a High vulnerability on the async dependency used in the shortstop dependency
Possible Implementation
For versions 0.x.x, 1.x.x and 2.x.x use an async version >= 2.6.4 for 3.x.x versions use >= 3.2.2
More details can be found here: GHSA-fwr7-v2mv-hh25
Environment Details
- Version used: 1.0.3
- Environment versions: Node v12.19.0, npm v6.14.13
- Operating System and version: OSX 10.15.7 (Catalina)
tasdflkjweio commented
Is this project still maintained?
grawk commented
Taking a look at this. Thank you.
grawk commented
Resolved by + shortstop@1.0.2