solparse icon indicating copy to clipboard operation
solparse copied to clipboard
verified publisher icon duaraghav8

Update dependencies version to fix security issues

Open pmprete opened this issue 5 years ago • 1 comments

Bump the version of mocha, yargs and mkdirp to solve the issues shown by npm audit:

npm audit security report

Run npm install [email protected] to resolve 1 vulnerability

SEMVER WARNING: Recommended action is a potentially breaking change │ Low │ Denial of Service
│ Package │ mem
│ Dependency of │ yargs
│ More info │ https://npmjs.com/advisories/1084

Run npm install [email protected] to resolve 1 vulnerability

SEMVER WARNING: Recommended action is a potentially breaking change │ Low │ Prototype Pollution
│ Package │ minimist
│ Dependency of │ mocha
│ Path │ mocha > mkdirp > minimist
│ More info │ https://npmjs.com/advisories/1179

Run npm install [email protected] to resolve 1 vulnerability

SEMVER WARNING: Recommended action is a potentially breaking change │ Low │ Prototype Pollution
│ Package │ minimist
│ Dependency of │ mkdirp
│ Path │ mkdirp > minimist
│ More info │ https://npmjs.com/advisories/1179

found 3 low severity vulnerabilities in 88 scanned packages 3 vulnerabilities require semver-major dependency updates.

pmprete avatar Apr 30 '20 18:04 pmprete

@pmprete thanks! I'll test it out locally and then merge

duaraghav8 avatar May 04 '20 07:05 duaraghav8