You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Just to be clear. Next.js does not execute minimist from any of these packages. So there is no attack vector for any of these when using Next.js.
timneutkens
changed the title
10 moderate security vulnerabilities reported by npm audit associated with next
Some dependencies have a dependency on minimist that is not executed, but would be nice to update.
Mar 18, 2020
This issue has been automatically locked due to no recent activity. If you are running into a similar issue, please create a new issue with the steps to reproduce. Thank you.
vercel
locked as resolved and limited conversation to collaborators
Jan 29, 2022
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Bug report
Describe the bug
Multiple security vulnerabilities associated with next dependencies.
Ex:
Next needs to update four packages to patch this vulnerability:
There are even more associated with webpack and its dependencies.
To Reproduce
npm audit
Expected behavior
npm reports no security vulnerabilities associated with next
Screenshots
If applicable, add screenshots to help explain your problem.
System information
The text was updated successfully, but these errors were encountered: