appcenter-link-scripts is using vulnerable version of minimist

Question

peltax opened this issue 3 years ago · comments

Hello,

appcenter-link-scripts has dependency for minimist 1.2.5 which is vulnerable to prototype pollution. Please upgrade to 1.2.6.

Dima · Answer 1 · Tue Mar 29 2022 14:26:04 GMT+0800 (China Standard Time)

Hi @peltax , thank you for reaching out! This was fixed in #965.

peltax · Answer 2 · Fri Apr 08 2022 20:48:33 GMT+0800 (China Standard Time)

nice, will updated package get published? Last one is from january.

Dima · Answer 3 · Tue Apr 12 2022 19:45:41 GMT+0800 (China Standard Time)

Hi @peltax , we will release react-native sdk with this fix this month.