Skip to content
This repository was archived by the owner on Jun 4, 2024. It is now read-only.
This repository was archived by the owner on Jun 4, 2024. It is now read-only.

Security vulnerability in libpq thus dependency tree issue: pg-native -> libpq #107

Closed
#108
Closed
Security vulnerability in libpq thus dependency tree issue: pg-native -> libpq#107
#108
@Leigh-M

Description

@Leigh-M
Leigh-M
opened on Aug 19, 2022

pg-native has a high severity vulnerability issue with its version of libpq. Thus 'npm audit fix' does not work. Or with '--force' flag breaks the build.

Will install pg@8.3.3, which is a breaking change
node_modules/libpq
pg-native *
Depends on vulnerable versions of libpq
node_modules/pg-native
pg >=8.4.0
Depends on vulnerable versions of pg-native
node_modules/pg

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions