Closed
ssri
Open GitHub opened this alert 2 days ago
Dependabot cannot update ssri to a non-vulnerable version
The latest possible version that can be installed is 6.0.1 because of the following conflicting dependencies:
[email protected] requires ssri@^7.0.0 via a transitive dependency on [email protected]
[email protected] requires ssri@^6.0.1 via a transitive dependency on [email protected]
The earliest fixed version is 8.0.1.
1 ssri vulnerability found in …/frontend/yarn.lock 2 days ago
Remediation
Upgrade ssri to version 8.0.1 or later. For example:
ssri@^8.0.1:
  version "8.0.1"