Hi André,
I really want to use this very useful action, however, when I was going through our internal security assessment, Dependabot reported 4 vulnerabilities, one of which is High Severity. There is an available patch version for all of them though.
Dependabot also raised 10 PRs for build dependencies.
See screen shots below.
Any chance you could bump these package to remediate the vulnerabilities please ?
Kind regards
Fraser.
Hi André,
I really want to use this very useful action, however, when I was going through our internal security assessment, Dependabot reported 4 vulnerabilities, one of which is High Severity. There is an available patch version for all of them though.
Dependabot also raised 10 PRs for build dependencies.
See screen shots below.
Any chance you could bump these package to remediate the vulnerabilities please ?
Kind regards
Fraser.