You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to fix a dependabot issue on a repository of mine:
Dependabot cannot update nth-check to a non-vulnerable version
The latest possible version that can be installed is 1.0.2 because of the following conflicting dependencies:
steamcommunity@3.44.2 requires nth-check@~1.0.1 via a transitive dependency on css-select@1.2.0
steam-tradeoffer-manager@2.10.5 requires nth-check@~1.0.1 via a transitive dependency on css-select@1.2.0
No patched version available for nth-check
The earliest fixed version is 2.0.1.
Can you help to fix this ^ ?
Thanks
The text was updated successfully, but these errors were encountered:
nth-check is a dependency of css-select, which is a dependency of cheerio@0.22.0. cheerio has not yet released a stable version newer than 0.22.0, so there's no way to upgrade its dependencies.
The vulnerability in question is not really an issue in this case, since cheerio isn't parsing any untrusted user input in this module (just html from steamcommunity.com).
Hello,
I'm trying to fix a dependabot issue on a repository of mine:
Can you help to fix this ^ ?
Thanks
The text was updated successfully, but these errors were encountered: