Skip to content

[SG-36701] Fix for json-schema which is vulnerable to Prototype Pollution

Warren Gifford requested to merge contractors/SG-36701 into main

Created by: gitstart-sourcegraph

Description

Dependabot cannot update json-schema to a non-vulnerable version The latest possible version that can be installed is 0.2.3 because of the following conflicting dependencies:

@graphql-codegen/[email protected] requires [email protected] via a transitive dependency on [email protected]
[email protected] requires [email protected] via a transitive dependency on [email protected]
[email protected] requires [email protected] via a transitive dependency on [email protected]

Ref

SG Issue GitStart Ticket

Success criteria

json-schema is upgraded

Implementation Detail

Test Plan

  • Run command yarn why json-schema
  • Check the version of json-schema displayed

App preview:

Check out the client app preview documentation to learn more.

Merge request reports

Loading