-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please upgrade minimist #6962
Comments
@ebaynaud Thanks for posting! We'll take a look as soon as possible. In the mean time, there are a few ways you can help speed things along:
Please remember: never post in a public forum if you believe you've found a genuine security vulnerability. Instead, disclose it responsibly. For help with questions about Sails, click here. |
Fix vulnerability: https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 Fixes balderdashy#6962
@ebaynaud minimist is a library we use for parsing command-line options, so I don't think this vulnerability has a material impact. That said we want to keep things clean when Sails is installed, so thank you for bringing this to our attention! What changed in minimist between 0.0.10 and 1.2.5? |
No changelog, no release notes, no breaking changes in readme. |
Tested out my local sails with upgraded minimist, to make sure it was properly parsing command-line arguments:
Everything's looking good 👍 |
Sails version (sails): 1.2.3
A minimist vulnerability was found, is it possible to upgrade minimist to the latest version?
The text was updated successfully, but these errors were encountered: