-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vulnerability in parcel-bundler dependency "serialize-to-js" #3454
Comments
Duplicate of #3133 |
@mkeedlinger the vulnerability was never a valid vulnerability and the PR is merged into master. There will be no update to parcel as it's not a vulnerability and never was as mentioned in the PR. It's the npm security team making a mistake. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
🐛 bug report
Since today
npm audit
reports a high vulnerability for my project which uses parcel-bundler. The vulnerability is coming fromserialize-to-js
which is a dependency of parcel.bundler.serialize-to-js
would need y major version update.The text was updated successfully, but these errors were encountered: