Dependencies have severe vulnerabilities
PaulMcInnis opened this issue · 1 comments
PaulMcInnis commented
Dependabot and npm warn of these, but in particular these cannot be automatically updated by it:
Upgrade dot-prop to version 4.2.1 or later.
Upgrade serialize-javascript to version 3.1.0 or later.
Thanks for the template!
mmacneil commented
Thanks, @PaulMcInnis - just updated, and vulnerability warnings have vanished - for now :)