Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update insecure dependencies (eslint, handlebars) #442

Merged
merged 1 commit into from Sep 15, 2015
Merged

Conversation

@fhemberger
Copy link
Contributor

fhemberger commented Sep 15, 2015

handlebars@3.0.3 (also used in eslint @1.3.1) requires uglify-js@2.3.6, a
vulnerable version, see https://nodesecurity.io/advisories/module/uglify-js

This commit also addresses the changes introduced with the update of
both packages:

  • eslint: Return the complete path of the linted file
    (see test/linters.js#30,51)
  • handlebars: Depthed paths are now conditionally pushed on to the stack.
    (see wycats/handlebars.js#1028)
handlebars@3.0.3 (also used in eslint @1.3.1) requires uglify-js@2.3.6, a
vulnerable version, see https://nodesecurity.io/advisories/module/uglify-js

This commit also addresses the changes introduced with the update of
both packages:

- eslint: Return the complete path of the linted file
  (see test/linters.js#30,51)
- handlebars: Depthed paths are now conditionally pushed on to the stack.
  (see wycats/handlebars.js#1028)
@geek geek added this to the 5.16.2 milestone Sep 15, 2015
@geek geek self-assigned this Sep 15, 2015
@geek

This comment has been minimized.

Copy link
Member

geek commented Sep 15, 2015

@fhemberger thanks... happy to see eslint fixed that big bug on 1.4.0 :)

geek added a commit that referenced this pull request Sep 15, 2015
Update insecure dependencies (eslint, handlebars)
@geek geek merged commit 6169899 into hapijs:master Sep 15, 2015
1 check passed
1 check passed
continuous-integration/travis-ci/pr The Travis CI build passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.