You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
normalize-package-data: 5.0.0 package has semver:7.3.5 (and I can update it to version 7.5.2 with fix), but I can't update it for read-pkg because it doesn't allow update a major version. Could you update normalize-package-data to version 5.. in your project?
The text was updated successfully, but these errors were encountered:
semver <7.5.2
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - GHSA-c2qf-rxjj-qqgw
No fix available
├─┬ stylelint@15.9.0
│ └─┬ meow@9.0.0
│ └─┬ read-pkg-up@7.0.1
│ └─┬ read-pkg@5.2.0
│ └─┬ normalize-package-data@2.5.0
│ └── semver@5.7.1 deduped
normalize-package-data: 5.0.0 package has semver:7.3.5 (and I can update it to version 7.5.2 with fix), but I can't update it for read-pkg because it doesn't allow update a major version. Could you update normalize-package-data to version 5.. in your project?
The text was updated successfully, but these errors were encountered: