Closed
Description
openedon Oct 11, 2023
Is your feature request related to a problem? Please describe.
The zod
version (1.11.17
) used across the project has a security vulnerability, which gets picked up by various scanners, e.g. https://security.snyk.io/vuln/SNYK-JS-ZOD-5925617 and it is also over two years old.
Describe the solution you'd like
Please upgrade to v3.x
release line (first released some 2+ years ago).
Describe alternatives you've considered
n/a
Additional context
Would it make sense to turn on Renovate (or change Dependabot config) for this project? There does not seem be a clearly visible dependency upgrade strategy in place.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment