@ngneat/spectator uses jQuery dependency version(3.6.0) which as Vulnerabilities

Question

@ngneat/spectator uses jQuery dependency version(3.6.0) which as Vulnerabilities

secretservice007 opened this issue a year ago · comments

I am not sure if this has already been raised, cannot find it but if it has apologies for the repetition.

spectator as a dependency to jQuery 3.6.0 which as Vulnerability flagged by checkmarx scan, similar issue was raised to jquery/jquery#5062 and it is fixed by jQuery 3.6.1

Could you please update the jQuery to latest version to solve this vulnerabilities related to jQuery 3.6.0

Thank you!

secretservice007 · Answer 1 · Wed Jun 21 2023 13:53:54 GMT+0800 (China Standard Time)

Could a contributor kindly update the version of jQuery from 3.6.0 to 3.6.1, as the issues continue to persist?

Andrei Tache · Answer 2 · Fri Oct 06 2023 19:23:56 GMT+0800 (China Standard Time)

This should be fixed in here: #629