Update dependency "async"
ucsbricks opened this issue · comments
ucsbricks commented
insight currently uses async@^2.6.2 dependency. This version is affected by a prototype pollution, details:
GHSA-fwr7-v2mv-hh25
The issue was patched in async@^3.2.2. Could you please update insight’s async dependency to fix this security issue? Thanks.