-
-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
yarn audit: security vulnerability detected in storybook 6.1.18 -> immer #13961
Comments
Also reported in create-react-app. While we wait, this may be a temporary solution: |
This is related to this: ianstormtaylor/slate#4050 And I also have that problem in Storybook And suggested the temporary solution is actually not working when used as a module. |
Fixed in create-react-app |
Ooh-la-la!! I just released https://github.com/storybookjs/storybook/releases/tag/v6.2.0-beta.1 containing PR #14015 that references this issue. Upgrade today to the
Closing this issue. Please re-open if you think there's still more to do. |
Boo-yah!! I just released https://github.com/storybookjs/storybook/releases/tag/v6.1.20 containing PR #14015 that references this issue. Upgrade today to the
|
Describe the bug
immer, used by many of your packages, has had a new Prototype Pollution vulnerability detected: https://www.npmjs.com/advisories/1603 which is patched upstream in >=8.0.1
To Reproduce
yarn install @storybook/react && yarn audit
Expected behavior
revved to secure version
The text was updated successfully, but these errors were encountered: