You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Having a look at this one, we currently have a security alert from Github in our clients/native/examples/js-examples, in the dependency websocket-extensions. Tracing through the dependencies upwards, we are depending on webpack-dev-server which uses this (about 4 layers down the stack).
The vulnerability has no effect on us (it's example code and we're not running a js-based websocket server in our examples anyway).
Since there's no effect, we can periodically check back on this one, and when we see that webpack-dev-server releases again with updated dependencies we should upgrade then.
I have no idea what happens if we just upgrade the websocket-extensions package directly in package.json and yarn.lock but I don't feel like getting into a fight with js dependency managers and finding out.
No description provided.
The text was updated successfully, but these errors were encountered: