You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
trim-newlines is a transitive dependency which is present in a
dependency tree through imagemin-webp and node-sass.
Version of trim-newlines which is referenced by those pacakges has a
security advisory https://snyk.io/vuln/SNYK-JS-TRIMNEWLINES-1298042
Neither imagemin-webp nor node-sass have version which depend on patched
version of trim-newlines. And at least node-sass is not maintained any
Under current circumstances the only way to fix this is to force
trim-newlines version via "resolutions". As interface of the package is
backward compatible and does not break anything I believe it is a right
thing to do.