Fix issues from npm audit #698
Comments
|
I would try to solve this issue, but I do not have access to the dependabot page |
|
@sarmatdev Isn't the screenshot above enough? |
|
@sarmatdev are you still doing this? |
I don't have access to the full security reports. Take this task if you want to solve it. |
|
@bonustrack axios comes from @portis/web3 and ansi-regex comes from eslint. portis/web3 and eslint are already the latest release possible. I do not see what we can do here other than patching those packages |
|
Another solution - disable portis/web3 till we have any updates from them. |
|
@sarmatdev you can enable security alerts in your fork. :) |
|
take a look at yarn's resolution feature. Also submit an issue on portis/web3 to upgrade their dependencies. |
|
Created a PR here portis-project/web-sdk#141 that can remove their unused dep that have this old version |
We should fix issue from npm audit
https://github.com/snapshot-labs/snapshot/security/dependabot
The text was updated successfully, but these errors were encountered: