Hi,
I’ve been using the free version for a while and the number of security vulns (14 high as of today) seems to be creeping up and not getting fixed? Running node 20/npm 10.
It’s causing my security pipeline to fail on npm audit.
Are there any plans to fix this? It seems kors and vite are the two modules causing the actual problems? Is it OK to force the latest versions in package.json to fix the problem?
Thanks,
Paul.
This will fix it. Checked versions etc and overrides should be fine.
"overrides": {
"vite": "5.0.12",
"@koa/cors": "5.0.0"
}