You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Note that ora is used in all of cli, cli-types and platform-ios.
I looked at upgrading it in cli, but it seems the ora.Ora class used here is no longer exported, so I'm not sure how that should be solved (I'm not that experienced with the Node ecosystem/TypeScript). If anyone has a pointer how that should be done, I'm happy to try and fix that.
There hasn't been any activity on this issue in the past 3 months, so it has been marked as stale and it will be closed automatically if no further activity occurs in the next 7 days.
Description
ora version 3 pulls in a vulnerable version of strip-ansi (v4).
https://github.com/react-native-community/cli/blob/master/packages/cli-types/package.json#L9
This dependency is fixed in ora version 6: sindresorhus/ora@090860b
The text was updated successfully, but these errors were encountered: