How to fix the vulnerabilities in npm if I cannot upgrade the major version of dependency?

I have a high-risk vulnerability from npm audit --production. It is a dependency of snowflake-sdk. But I checked the snowflake GitHub, and it has "requestretry": "^6.0.0" in its package.json, which means it doesn't support requestretry 7.0.0. Is there any other way to fix this vulnerability? What if I upgrade requestretry to 7.0.0?


I am very new to npm and JavaScript; any help is appreciated!

Answers:


Method 1

I think snowflake just fixed the issue:

"requestretry": "^7.0.1",

https://github.com/snowflakedb/snowflake-connector-nodejs/blob/master/package.json
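The caret-range rule behind the question, as an added example that is not part of the original post or of the Snowflake project: a minimal JavaScript implementation of npm's "^" semantics run over a constructed release list, showing that a "^6.0.0" declaration can never resolve to requestretry 7.0.0, and that the fixed "^7.0.1" declaration resolves to 7.0.1 and later 7.x but not to 7.0.0.

```javascript
// Added example (not from the original post): a minimal implementation of npm's
// caret (^) range rule. It explains why "^6.0.0" in snowflake-sdk's package.json
// cannot pull in requestretry 7.0.0, while "^7.0.1" accepts 7.0.1 and later 7.x.

// Parse "MAJOR.MINOR.PATCH" into numbers; prerelease/build tags are not handled here.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)$/.exec(v.trim());
  if (!m) throw new Error(`unsupported version string: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Compare two parsed versions: negative, zero or positive, like a sort comparator.
function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] - b[i];
  }
  return 0;
}

// Caret rule: allow changes that do not modify the left-most non-zero component.
//   ^1.2.3 := >=1.2.3 <2.0.0
//   ^0.2.3 := >=0.2.3 <0.3.0
//   ^0.0.3 := >=0.0.3 <0.0.4
function caretUpperBound(lower) {
  const [major, minor, patch] = lower;
  if (major > 0) return [major + 1, 0, 0];
  if (minor > 0) return [0, minor + 1, 0];
  return [0, 0, patch + 1];
}

// Does `version` satisfy the caret range `range` (e.g. "^6.0.0")?
function satisfiesCaret(range, version) {
  if (!range.startsWith('^')) throw new Error('only caret ranges are supported');
  const lower = parseVersion(range.slice(1));
  const upper = caretUpperBound(lower); // exclusive upper bound
  const v = parseVersion(version);
  return compare(v, lower) >= 0 && compare(v, upper) < 0;
}

// Which of the candidate releases could a given declaration resolve to?
function resolvable(range, candidates) {
  return candidates.filter((c) => satisfiesCaret(range, c));
}

// Constructed release list for illustration (not a real registry query).
const releases = ['6.0.0', '6.0.1', '7.0.0', '7.0.1', '7.1.0'];
console.log(resolvable('^6.0.0', releases)); // [ '6.0.0', '6.0.1' ]
console.log(resolvable('^7.0.1', releases)); // [ '7.0.1', '7.1.0' ]
```

Bumping the declared range is therefore the only way a caret declaration can cross a major version, which is why the fix had to land in the Snowflake connector's own package.json.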


All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.
