Replies: 1 comment
-
|
Please see #31266 (comment) for why you need to take such reports with a grain of salt. Additionally, I don't see how e.g. gatsby-plugin-react-helmet has a "high" severity? Synk doesn't show anything -- so not sure what you're trying to say here :) |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
TL; DR
Modifications submitted on PR #31251
Details
I was updating a Gatsby Starter package and it was not possible running
npm audit fixdue a circular dependency ongatsby.Also I could not figure out how to run the local tests only on the problematic packages, but (according Circle CI report), only
e2e_tests_pnptests failed.My starter direct dependencies are:
[email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected]NPM Audit Report
The data from this report was generated by
npm audit --jsonand the packages linked to Snyk I/O as possible.babel-plugin-remove-graphql-queries[email protected]engine.io-client[email protected]gatsby[email protected]gatsby-plugin-manifest[email protected]gatsby-plugin-material-ui[email protected]gatsby-plugin-offline[email protected]gatsby-plugin-page-creatorundefined@undefinedgatsby-plugin-react-helmet[email protected]gatsby-plugin-sharp[email protected]gatsby-plugin-typescriptgatsby-plugin-utils[email protected]gatsby-source-filesystem[email protected]gatsby-transformer-sharp[email protected]socket.io-client[email protected]xmlhttprequest-ssl[email protected]Beta Was this translation helpful? Give feedback.
All reactions