cloud-s4-sdk-pipeline の最新バージョン (21) に切り替えました。新しい機能は機能しますが、最新の依存関係バージョン以外にnpm 依存関係監査エラーが発生します。
調査結果のまとめ
• High Arbitrary File Overwrite vulnerability found in dependency "tar", see https://npmjs.com/advisories/803 for details.
• High Code Injection vulnerability found in dependency "js-yaml", see https://npmjs.com/advisories/813 for details.
• Moderate Regular Expression Denial of Service vulnerability found in dependency "mime", see https://npmjs.com/advisories/535 for details.
• Moderate Regular Expression Denial of Service vulnerability found in dependency "underscore.string", see https://npmjs.com/advisories/745 for details.
• Moderate Prototype Pollution vulnerability found in dependency "lodash", see https://npmjs.com/advisories/782 for details.
• Moderate Denial of Service vulnerability found in dependency "js-yaml", see https://npmjs.com/advisories/788 for details.
同様の問題がありましたか?解決策はありますか?