vulnerability issue with inflight @1.0.6 #277
Labels
pinned
Issues that will not be automatically closed
Comments
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
Have also had this flagged in a project. I believe that upgrading glob to > v9 should resolve the issue as they removed inflight isaacs/inflight-DEPRECATED-DO-NOT-USE#5 I can potentially help on this |
|
Snyk is also picking this one up. |
|
This issue has been hanging for 3 years now. Installing swagger gives: npm warn deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.and └─┬ [email protected]
└─┬ [email protected]
└── [email protected] |
|
Created PR #400 to bump glob to v11.0.0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The package inflight @1.0.6 is been identified as a vulnerble which is used as a dependency for glob @7.1.6.
The description for the issue is been reported as follows,
In npm inflight there is a memory leak because some resources are not freed correctly after being used. It appears to affect all versions.
Please consider the attachment for the details.
The text was updated successfully, but these errors were encountered: