Announcements
Hello,
We have a high prioritiy security issue with the specified version of webpack (4.28.4) in the pcf-scripts npm package. Unfortunately it specifies exactly that version in package.json.
Is it ok to resolve to the latest webpack version or would this cause issues to pcf-scripts package?
The soon-to-be-released March refresh for pcf-scripts (ETA mid next week) has already been updated to:
It got flagged by our internal compliance/security tracking as well.
To work around until then, yes, you should be able to locally resolve to the latest 4.42.1
While we are in this area, my gitgub repository is complaining about a number of security vulnerabilities with some webpack dependencies (but not yet webpack itself).
Minimist - Upgrade minimist to version 1.2.3 or later.
acorn - Upgrade acorn to version 5.7.4 or later
kind-of - Upgrade kind-of to version 6.0.3 or later
Will this next release resolve these complaints as well?
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
Congratulations to our 2026 Super Users!
Congratulations to our 2025 community superstars!
These are the community rock stars!
Stay up to date on forum activity by subscribing.
Vish WR 610
Haque 317
WarrenBelz 315 Most Valuable Professional
