You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cordova.apache.org by GitBox <gi...@apache.org> on 2020/03/30 16:02:23 UTC

[GitHub] [cordova-android] breautek commented on issue #935: Prototype pollution in dot-prop

breautek commented on issue #935: Prototype pollution in dot-prop
URL: https://github.com/apache/cordova-android/issues/935#issuecomment-606089321
 
 
   Installing cordova-android does not yield any security vulnerabilities for me. In my experience this is caused by having a sub-dependency installed at some point, and they don't get updated, even if you reinstall `cordova-android`.
   
   I'd try doing the following in your app:
   
   ```bash
   rm package-lock.json
   rm -r node_modules
   npm install
   ```
   
   This should cause all your dependencies to install using the latest satisfactory versions across your dependency tree.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org