Skip to content
This repository has been archived by the owner on Jan 16, 2024. It is now read-only.

Critical vulnerability in npm install #146

Open
4 tasks
Dirk-27 opened this issue Aug 27, 2021 · 2 comments
Open
4 tasks

Critical vulnerability in npm install #146

Dirk-27 opened this issue Aug 27, 2021 · 2 comments

Comments

@Dirk-27
Copy link

Dirk-27 commented Aug 27, 2021

npm audit says:

Critical Prototype Pollution

  • Package swiper
  • Patched in >=6.5.1
  • Dependency of ember-cli-swiper [dev]
  • Path ember-cli-swiper > swiper

Todos:

  • Upgrade swiper from ^4.2.2 to ^6.5.1 (current version is 7.0.1) in package.json
  • Test
  • Build
  • New Tag
@Dirk-27 Dirk-27 changed the title Critical Critical vulnerability in npm install Aug 27, 2021
@waissbluth
Copy link

@maxymczech has a fork with this (and other) updates

@maxymczech
Copy link

Sorry, I am out of context here. I've made my fork with modifications in order to make it benefit from Embroider build for a project I am working on.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@maxymczech @waissbluth @Dirk-27