Skip to content

Get Critical vulnerabilities warning while installing it. #154

@abu-veltra

Description

@abu-veltra

(Thanks for reporting an issue! Please, then fill out the blanks below.)

What are the steps to reproduce this issue?

  1. Install it via NPM
  2. npm i --save-dev serverless-plugin-canary-deployments

What happens?

Got Critical vulnerabilities warning while installing this plugin to my local machine.

What were you expecting to happen?

Install normally.

Any logs, error output, etc?

flat  <5.0.1
Severity: critical
flat vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-2j2x-2gpw-g8fm
No fix available
node_modules/serverless-plugin-canary-deployments/node_modules/flat
  serverless-plugin-canary-deployments  *
  Depends on vulnerable versions of flat
  node_modules/serverless-plugin-canary-deployments

Any other comments?

N/A

What versions of software are you using?

Node Version: v18.0.0
NPM Version: 8.6.0

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions