Security Vulnerability in aws-cdk-lib v2.179.0 – Upgrade Required #61
Assignees
Comments
|
+1 |
1 similar comment
|
+1 |
|
I'm curious for this one how important it is that it's pinned to an exact version. I know currently that you get typescript errors if you're using a different cdk version in your project, but I doubt there is anything in SST that would break if we changed it to Especially because this library releases multiple times per week, so it's immediately out of date |
|
+1 |
|
There is another vulnerability documented at GHSA-5pq3-h73f-66hr, so |
|
another vunlerabiliity, so minimum version should be |
|
i'm happy to take a crack at this but i wanted to do #69 first to make sure i understood the contrib process first |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The project currently uses
aws-cdk-libv2.179.0, which is affected by a security vulnerability as per GHSA-5pq3-h73f-66hr. To mitigate this risk, the package must be upgraded to v2.184.0 or later.The text was updated successfully, but these errors were encountered: