Security policy #651
Description
gatsby has still some vulnerable packages in use, but as in the end it is all static code run in the client, this is anyway sandboxed and has no impact on security according to gatsby's team: See gatsbyjs/gatsby#32277 for example.
Still this is maybe addressable using resolutions. However I had a hard time with sporadic erratic behavior and removing these resolutions solved the issue :-/
Metadata
Metadata
Assignees
Labels
No labels