You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our ADO build pipeline is failing at the Component Governance step due to High severity vulnerability in the Node-Fetch version 2.6.1. Component governance shows the due date to resolve this npm package 2022-06-16T20:09:00.2569253Z and since this deadline passed, build pipelines are failing and that stops us from deploying any changes related to the new LCW to staging or production.
node-fetch is being used by package @azure/core-http and @azure/core-http is being used by two different packages:
Component Governance error:
The text was updated successfully, but these errors were encountered:
We also have an ADO pipeline but this hasn't popped up. @dhruveshsheladiya Could you share the CG alert link and suggested steps explained in the alert?
Our ADO build pipeline is failing at the Component Governance step due to High severity vulnerability in the Node-Fetch version 2.6.1. Component governance shows the due date to resolve this npm package 2022-06-16T20:09:00.2569253Z and since this deadline passed, build pipelines are failing and that stops us from deploying any changes related to the new LCW to staging or production.
node-fetch is being used by package @azure/core-http and @azure/core-http is being used by two different packages:
Component Governance error:
The text was updated successfully, but these errors were encountered: