The issue has been closed

Please upgrade the color-string dependency to 1.5.5 #203

qkangusc posted onGitHub

The color-string has released a new version 1.5.5 four months ago. Our company's code gets vulneribility flagged about it.

You should stop using package-lock.json files then because the patch was included in the dependency range.

Either way, I just pushed an update to color-string and bumped the dependency here too.

posted by Qix- over 3 years ago

Fund this Issue

$0.00

Funded

Pull requests