Security: cryptiles #482
Description
We currently have a security alert for cryptiles — https://github.com/cozy/cozy-contacts/network/alert/yarn.lock/cryptiles/open
yarn why cryptiles
"cozy-bar#cozy-client-js#pouchdb#request#hawk" depends on it
- Hoisted from "cozy-bar#cozy-client-js#pouchdb#request#hawk#cryptiles"
This is the same vulnerability than on most of our projects, coming from an old pouchdb version. It only affects the node eversion, so the shipped web app is not at risk.
This will eventually be solved by upgrading pouchdb in cozy-client-js.