Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Remove pstree.remy #1454
This is a bloated dependency that (down the stream) depends on a dependency that is running unknown and clearly malicious code on everyone's system.
Right - reviewing this properly, which I'm guessing never happened, this can't be merged.
The reason I'm using pstree.remy - my own fork, is (as it clearly states in the description of the module) is that it's able to get the process tree without
The fix is to PR against pstree.remy and to remove the
I've only commented out one test,
This was to address
found 42 vulnerabilities (21 low, 15 moderate, 5 high, 1 critical) run `npm audit fix` to fix them, or `npm audit` for details
The bump to the dependencies results in
found 3 low severity vulnerabilities run `npm audit fix` to fix them, or `npm audit` for details
I can remove the major version bumps to
I see. Then I suppose the actual removal of