Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dependency of dependency vulnerability: coa latest version #12872

Open
t-gilb opened this issue Nov 30, 2022 · 0 comments
Open

dependency of dependency vulnerability: coa latest version #12872

t-gilb opened this issue Nov 30, 2022 · 0 comments
Labels
needs triage

Comments

@t-gilb
Copy link

t-gilb commented Nov 30, 2022

while installing dependencies (from a project bootstrapped using cra), I had some notifications from my antivirus.
It also stopped the installation of this dependency and prevented file to be copied.

this is an already known issue: ticket

workaround: I had to add the following lines to my package.json to use a specific version of that package.

  "resolutions": {
    "coa": "2.0.2"
  },

fix: we should not use the latest version (2.1.1) of that package.
@t-gilb t-gilb changed the title dependency vulnerability: coa latest version dependency of dependency vulnerability: coa latest version Nov 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@t-gilb