ws security vulnerability
alfonsoar opened this issue · comments
Hello,
There is a security vulnerability with the ws package that this plugin transitively depends on. Can we update graphql-config
to version 4.x.x
(since that is the latests version that contains a patched version of ws
). Also happy to contribute this back if you are accepting PRs.
└─┬ eslint-plugin-graphql@4.0.0
└─┬ graphql-config@3.4.1
└─┬ @graphql-tools/url-loader@6.10.1
├─┬ subscriptions-transport-ws@0.9.19
│ └── ws@7.4.5 deduped
└── ws@7.4.5
Fixed in #342