Need update dependence called @graphql-tools/prisma-loader to 8.0.2 for addressing vulnerabilities in jose v4.14.4 #9904

keisuke-na · 2024-03-19T04:17:53Z

keisuke-na
Mar 19, 2024

The @graphql-codegen/cli v5.0.2 use @graphql-tools/prisma-loader to 8.0.1 which use jose v4.14.4.
There is vulnerabilities on jose v4.14.4 which is used by @graphql-tools/prisma-loader to 8.0.1.
Please see this alert => GHSA-hhhv-q57g-882q

keisuke-na · 2024-03-19T08:30:51Z

keisuke-na
Mar 19, 2024
Author

It was simply a matter of updating the prisma-loader. My apologies.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Need update dependence called @graphql-tools/prisma-loader to 8.0.2 for addressing vulnerabilities in jose v4.14.4 #9904

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Need update dependence called @graphql-tools/prisma-loader to 8.0.2 for addressing vulnerabilities in jose v4.14.4 #9904

Uh oh!

keisuke-na Mar 19, 2024

Replies: 1 comment

Uh oh!

keisuke-na Mar 19, 2024 Author

keisuke-na
Mar 19, 2024

keisuke-na
Mar 19, 2024
Author