https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41587 --- Comment #1 from Paul Derscheid <paul.derscheid@lmscloud.de> --- Created attachment 191212 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191212&action=edit Bug 41587: Fix critical and high severity node dependency vulnerabilities - Upgrade gulp-exec to ^5.0.0 (fixes lodash.template HIGH) - Add resolution for form-data ^2.5.4 (CRITICAL) - Add resolution for braces ^3.0.3 (HIGH) - Add resolution for qs ^6.14.1 (HIGH) Test plan: - yarn audit --level high should show 0 vulnerabilities - yarn build && yarn build:prod should complete without errors - yarn cypress run should return without (or currently expected) errors @RM: You will need to push yarn.lock as well -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.