Please update npm package as it still has "ws": "^7.4.5" and not "ws": "^7.5.10". vulnerability issue

[sochetanie]

It looks like an update for "ws": "^7.5.10" was done at the end of August. However, the last update of the npm package was 6 months ago before that update.

Please update the npm package to help resolve this package's vulnerability issue.

[martincostello]

Bearing in mind that releases are at most monthly, if you want this kind of transient dependency vulnerability fixed ASAP, it's always best to resolve it yourself by doing something like npm audit fix and committing the resulting changes to any lock file(s).

[javiercn]

@sochetanie thanks for contacting us.

what package are you talking about?

[sochetanie]

https://www.npmjs.com/package/@microsoft/signalr?activeTab=code

[harshtyagimdr]

Any update on this?
Please update ws to 7.5.10