Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependencies to mitigate vulnerabilities #130

Closed
kahrpatrick opened this issue Jul 11, 2023 · 1 comment
Closed

Update dependencies to mitigate vulnerabilities #130

kahrpatrick opened this issue Jul 11, 2023 · 1 comment
Labels
wontfix This will not be worked on

Comments

@kahrpatrick
Copy link
Contributor

Bug report

Describe the bug

Several dependencies (e.g. babel) make use of a vulnerable version of the semver package. A patched version has been released.

Steps to reproduce the behavior

  1. enable Github Dependabot to get automatic reports
  2. or run npm audit
@boazpoolman
Copy link
Member

It took a while for Dependabot to pick up on it, but it did just create a PR #131

@boazpoolman boazpoolman added the wontfix This will not be worked on label Jul 11, 2023
@boazpoolman boazpoolman closed this as not planned Won't fix, can't repro, duplicate, stale Jul 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
wontfix This will not be worked on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@boazpoolman @kahrpatrick