Deep dependency on this critical vulnerability version of formdiable
Opened this issue · 1 comments
jeremy-ensemble commented
Issue description
There is a deep dependency on a package formidable which contains a critical vulnerability (GHSA-8cp3-66vr-3r4c).
The vulnerability can be fixed like this for now:
"overrides": { "path-loader": { "superagent": "9.0.0" }, }
Context
On serverless 3.38.0.
thetumper commented
Is this project still maintained? Last release 2023-11-21, with a critical vulnerability, and no patch in two weeks since posted?