gethue uses babel/traverse version with critical security vulnerability #4000
Description
Is there an existing issue for this?
- I have searched the existing issues
Description
gethue package uses babel/traverse dependency that has critical security issue. Please update your babel/traverse dependency to a version that has at least the fixed critical vulnerability
Steps To Reproduce
- install gethue npm package
- run npm/pnpm/yarn audit
- You will see gethue at the top of critical vulnerabilities due to babel/traverse
Logs
Paths
│ . > [email protected] > [email protected] > │
│ │ [email protected] > │
│ │ [email protected] > [email protected] │
│ │ │
│ │ . > [email protected] > [email protected] > │
│ │ [email protected] > │
│ │ [email protected] > │
│ │ [email protected] > [email protected] │
│ │ │
│ │ . > [email protected] > [email protected] > │
│ │ [email protected] > │
│ │ [email protected] > │
│ │ [email protected]
there's 34 more paths that use babel/traverse in gethue but you get the idea
Hue version
6.0.1