Security Vulnerability in cdk-assets v3.0.0-rc.143 – Upgrade Required

[hylickipiotr]

The project currently uses the cdk-assets package version v3.0.0-rc.143, which depends on a vulnerable version of @babel/helpers, as confirmed by the report at GHSA-968p-4wvh-cqc8. The vulnerability exists in the version of @babel/helpers used in cdk-assets v3.0.0-rc.143. The solution is to upgrade cdk-assets to a version that uses a version of @babel/helpers that resolves the vulnerability.

[krmorse]

+1

[krmorse]

cdk-assets has an official 3.x release now too (3.2.0 as of this writing)