Orca flags vulnerability in tmp package #10156

@aman-rai-a1

Orca is flagging a vulnerability in the tmp package, thus blocking deployment.

yarn why v1.22.19
[1/4] 🤔 Why do we have the module "tmp"...?
[2/4] 🚚 Initialising dependency graph...
(node:25227) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
(Use `node --trace-deprecation ...` to show where the warning was created)
warning Resolution field "[email protected]" is incompatible with requested version "es5-ext@^0.10.64"
warning Resolution field "[email protected]" is incompatible with requested version "thrift@^0.9.3"
warning Resolution field "[email protected]" is incompatible with requested version "tmp@^0.0.33"
warning Resolution field "[email protected]" is incompatible with requested version "tmp@^0.1.0"
[3/4] 🔍 Finding dependency...
[4/4] 🚡 Calculating file sizes...
=> Found "[email protected]"
info Reasons this module exists

  • "project#@cubejs-backend#elasticsearch-driver#testcontainers" depends on it
  • Hoisted from "project#@cubejs-backend#elasticsearch-driver#testcontainers#tmp"
  • Hoisted from "project#lerna#@nx#devkit#tmp"
  • Hoisted from "project#lerna#nx#tmp"
  • Hoisted from "project#@cubejs-backend#testing#cypress#tmp"
  • Hoisted from "project#cubejs-cli#inquirer#external-editor#tmp"
  • Hoisted from "project#@cubejs-backend#server#@oclif#dev-cli#qqjs#tmp"
info Disk size without dependencies: "52KB"
info Disk size with unique dependencies: "52KB"
info Disk size with transitive dependencies: "52KB"
info Number of shared dependencies: 0
✨ Done in 0.62s.

@paveltiunov Could you please suggest what could be done?
