Hi,
Thanks for Aditya's work at OFBIZ-11960 <https://issues.apache.org/jira/browse/OFBIZ-11960> "Use NPM with gradle to get external JS dependencies"
(thks also to Daniel's commit) and Dependabot installed at GH I have been warned about this vulnerability. It did not reach comm...@ofbiz.apache.org
because of a bug I reported at INFRA-22418 <https://issues.apache.org/jira/browse/INFRA-22418>.
If nobody objects I'll backport the work done forĀ OFBIZ-11960 because it will
secure our js libs usage
Jacques
