apollographql / eslint-plugin-graphql

:vertical_traffic_light: Check your GraphQL query strings against a schema.

Home Page:https://www.npmjs.com/package/eslint-plugin-graphql

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

ws security vulnerability

alfonsoar opened this issue · comments

Hello,

There is a security vulnerability with the ws package that this plugin transitively depends on. Can we update graphql-config to version 4.x.x (since that is the latests version that contains a patched version of ws). Also happy to contribute this back if you are accepting PRs.

└─┬ eslint-plugin-graphql@4.0.0
  └─┬ graphql-config@3.4.1
    └─┬ @graphql-tools/url-loader@6.10.1
      ├─┬ subscriptions-transport-ws@0.9.19
      │ └── ws@7.4.5  deduped
      └── ws@7.4.5