From afe4dc4df56976a6f7702710652f467a6aba35bc Mon Sep 17 00:00:00 2001 From: Joanna Pinto Paul Date: Mon, 2 Dec 2024 12:16:35 +0000 Subject: [PATCH] NOJIRA: Updated npm audit exclusions (#418) --- .nsprc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.nsprc b/.nsprc index 426598a4..6f8c1033 100644 --- a/.nsprc +++ b/.nsprc @@ -13,5 +13,6 @@ "GHSA-952p-6rrq-rcjv": "micromatch: used by stylelint, no risk given our usage", "GHSA-gcx4-mw62-g8wm": "rollup - we don't use import.meta.url to inject scripts dynamically, so we should be ok", "GHSA-3h5v-q93c-6h6q": "backstopjs - won't impact us I think, and we can't upgrade past at the moment because of flakey tests.", - "GHSA-pxg6-pf52-xh8x": "cookie - this is transitive dep of express, which we just use locally and don't use to set cookies." + "GHSA-pxg6-pf52-xh8x": "cookie - this is transitive dep of express, which we just use locally and don't use to set cookies.", + "GHSA-3xgq-45jj-v275": "cross-spawn - devDependency, no risk given our usage" }