Outdates package/packages fix #673
Description
Security tooling (ex. checkmarx) flags [email protected] when installed via @codeceptjs/[email protected] when working with label-studio
-
Dependency path:
label-studio/web/libs/editor/tests/e2e/package.json
-> @codeceptjs/[email protected]
-> [email protected] -
Scan date: 2026-01-09
-
Finding: "Monitored Vulnerability (98)"
-
Electron upstream has newer versions available (e.g., 39.x).
The second topic is that the latest version of electron is still not considered as a safe one, but I think this is a separate issue. But consider if You can update it to pass security checks.
Is there a chance to dump this package to newest version?
I've seen that empty issue with nearly the same topic: #604
Thanks in advance