I'm new to testcafe and when I run npm install testcafe --save-dev, I get the following errors. I tried installing [email protected] which it says is the fix but I get even more vulnerabilities...not sure what to do here! Thanks!
async <2.6.4
Severity: high
Prototype Pollution in async - https://github.com/advisories/GHSA-fwr7-v2mv-hh25
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/testcafe/node_modules/async
testcafe-legacy-api <=5.1.2 Depends on vulnerable versions of async node_modules/testcafe/node_modules/testcafe-legacy-api
testcafe <=1.18.6-rc.1 Depends on vulnerable versions of testcafe-legacy-api node_modules/testcafe
3 high severity vulnerabilities
CodePudding user response:
We already addressed this issue:
https://github.com/DevExpress/testcafe-legacy-api/issues/59.
The next minor TestCafe update will include this fix.