binary-install
binary-install copied to clipboard
EverlastingBugstopper
Install binary applications via npm
There's a vulnerability on axios https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-45857 I also looked at updating the other dependencies. This might require a major bump on binary-install since `rimraf` dropped support for node 14 effectively...
As this package commits the [cardinal sin of writing into its own package directory](https://yarnpkg.com/advanced/rulebook#packages-should-never-write-inside-their-own-folder-outside-of-postinstall), and Yarn's whole imperative is to nuke bad patterns out of orbit, it doesn't work with...
Is there a particular license you want to apply to this project so contributors and users know what the usage terms are?
Moving an issue from https://github.com/apollographql/rover/issues/1563 to here. Currently the install command checks to see if the binary exists, and if it does, immediately resolves the promise without taking any actions....
axios 0.8.1 - 1.5.1 Severity: moderate Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx No fix available node_modules/binary-install/node_modules/axios binary-install * Depends on vulnerable versions of axios node_modules/binary-install
I apologize if this is actually documented somewhere outside of the code. I couldn't find it. Currently, if your tarball looks like ``` file dir/file ``` since strip is set...
We have a security scanner that flagged this package because it's pulling in an axios version with a high risk vulnerability https://nvd.nist.gov/vuln/detail/CVE-2021-3749 Just thought I'd pass it on here for...
