This repository has been archived by the owner on Jan 18, 2024. It is now read-only.
Upgrade copy-webpack-plugin for the webpack-config npm package #2210
Labels
Comments
|
Hi @spoilerdo, thanks for bringing this up! It's kind of unfortunate that the advisories are popping up in places where it shouldn't. The advisory clearly states that it's only a moderate risk when using outside Node, and this is used in Node 😅 But that's a topic for another discussion I think. Any help upgrading this is appreciated, if you can feel free to open a PR. If not, don't worry, we will get to this eventually. Let's keep this on our todo list for now. Thanks! |
spoilerdo
added a commit
to spoilerdo/expo-cli
that referenced
this issue
Jun 15, 2020
expo#2210 related issue
|
fixed #2334 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
When I ran
npm ion an empty expo typescript template I got one moderate vulnerability:Currently I use version: 0.12.11 of the @expo/webpack-config npm package. Maybe better to update this in the package itself. copy-webpack-plugin current version is 6.0.1 (which uses version 3.0.0 of serialize-javascript) and the webpack-config package uses 5.0.0.
The text was updated successfully, but these errors were encountered: