You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
The horsey dependency declared at package.json brings a lodash version that has multiple known vulnerabilities.
Additional context
As you can see at Snyk's Vuln DB only the latest version has no known direct vulnerabilities. Since no new version from horsey has been published, and the lodash dependency at horsey is declared using a specific version, I suggest the use of another library for this functionality or the removal of the dependency.
Another option would be to open an issue to the horsey repo, but it has had no activity since 2016.
The text was updated successfully, but these errors were encountered:
Describe the bug
The horsey dependency declared at package.json brings a lodash version that has multiple known vulnerabilities.
Additional context
As you can see at Snyk's Vuln DB only the latest version has no known direct vulnerabilities. Since no new version from horsey has been published, and the lodash dependency at horsey is declared using a specific version, I suggest the use of another library for this functionality or the removal of the dependency.
Another option would be to open an issue to the horsey repo, but it has had no activity since 2016.
The text was updated successfully, but these errors were encountered: