Home > Net >  How to fix the vulnerabilities in npm if I cannot upgrade the major version of dependency?
How to fix the vulnerabilities in npm if I cannot upgrade the major version of dependency?

Time:03-07

I have a high risk vulnerability from npm audit --production. This is dependency of snowflake-sdk. But I checked enter image description here

I am very new to npm and javascript, any help is appreciated!

CodePudding user response:

I think snowflake just fixed the issue:

"requestretry": "^7.0.1",

https://github.com/snowflakedb/snowflake-connector-nodejs/blob/master/package.json

  • Related