You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
npm audit now gives a warning that vuejs3-datepickers depends on vulnerable versions of vite-plugin-dts. There is a fix available, but npm audit fix or with --force doesn't give the correct output. Could you update this depencen manually?
npm auditnow gives a warning thatvuejs3-datepickersdepends on vulnerable versions ofvite-plugin-dts. There is a fix available, butnpm audit fixor with--forcedoesn't give the correct output. Could you update this depencen manually?GHSA-g3ch-rx76-35fx
This is the full output of a
npm audit: (It is in a project, so there are other dependencies, but it is also with brand new project)npm audit report
vue-template-compiler >=2.0.0
Severity: moderate
vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS) - GHSA-g3ch-rx76-35fx
fix available via
npm audit fixnode_modules/vue-template-compiler
@vue/language-core <=2.0.28
Depends on vulnerable versions of vue-template-compiler
node_modules/@vue/language-core
vite-plugin-dts 3.0.0-beta.1 - 4.0.0-beta.2
Depends on vulnerable versions of @vue/language-core
Depends on vulnerable versions of vue-tsc
node_modules/vite-plugin-dts
vuejs3-datepicker >=1.1.0
Depends on vulnerable versions of vite-plugin-dts
node_modules/vuejs3-datepicker
vue-tsc 1.7.0-alpha.0 - 2.0.28
Depends on vulnerable versions of @vue/language-core
node_modules/vue-tsc
The text was updated successfully, but these errors were encountered: