Skip to content

Commit

Permalink
update eslint-plugin-import version (#139)
Browse files Browse the repository at this point in the history 
Snyk/dependabot detects a Prototype Pollution vulnerability in a transient dependency (minimist) of eslint-plugin-import. Bumping minor version of eslint-plugin-import from 2.25.3 to 2.26.0 to include the fix (tsconfig-paths v3.14.1 => minimist v1.2.6).
(not sure why it's rank low in Snyk but critical in dependabot)
![Screen Shot 2022-06-30 at 10 45 28 AM](https://user-images.githubusercontent.com/36055303/176713446-c18243fc-29f1-4779-9020-397630e59744.png)
![Screen Shot 2022-06-30 at 10 45 21 AM](https://user-images.githubusercontent.com/36055303/176713471-f0357d29-ecec-4132-ac85-5e29e6ba4e92.png)

J=none
TEST=none
  • Loading branch information
@yen-tt
yen-tt committed Jun 30, 2022
1 parent 283bc6d commit d56dd57
Show file tree
Hide file tree
Showing 2 changed files with 110 additions and 68 deletions.
Loading

0 comments on commit d56dd57

Please sign in to comment.