Critical Vulnerability on latest version #112

@FigueiroaAndre

snyk.io reports a critical vulnerability on drain3@0.9.11 (latest package version) due to the dependency jsonpickle@1.5.1.

The dependency has been fixed in jsonpickle@3.3.0.

But when attempting to install drain3@0.9.11 with jsonpickle@3.3.0 the following error is raised: ERROR: Cannot install drain3==0.9.11 and jsonpickle==3.3.0 because these package versions have conflicting dependencies

I can try to force the installation, but will the package work as expected? Shouldn't a new version just patch this issue to avoid workarounds?
