vogievetsky opened a new pull request, #18316:
URL: https://github.com/apache/druid/pull/18316

   Did the steps that I added to the README to address:
   
   ```
   $npm audit 
   # npm audit report
   
   @eslint/plugin-kit  <0.3.3
   Severity: high
   @eslint/plugin-kit is vulnerable to Regular Expression Denial of Service 
attacks through ConfigCommentParser - 
https://github.com/advisories/GHSA-xffm-g5w8-qvg7
   fix available via `npm audit fix`
   node_modules/@eslint/plugin-kit
     eslint  9.10.0 - 9.26.0
     Depends on vulnerable versions of @eslint/plugin-kit
     node_modules/eslint
   
   on-headers  <1.1.0
   on-headers is vulnerable to http response header manipulation - 
https://github.com/advisories/GHSA-76c9-3jph-rj3q
   fix available via `npm audit fix`
   node_modules/on-headers
     compression  1.0.3 - 1.8.0
     Depends on vulnerable versions of on-headers
     node_modules/compression
   
   4 vulnerabilities (2 low, 2 high)
   
   To address all issues, run:
     npm audit fix
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to