Skip to content

Commit

Permalink
upgrade tar to fix vuln
Browse files Browse the repository at this point in the history
  • Loading branch information
@rynop
rynop committed Apr 16, 2019
1 parent 355365e commit 4e5153b
Show file tree
Hide file tree
Showing 3 changed files with 53 additions and 118 deletions.
4 changes: 2 additions & 2 deletions index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ function installDynamoDbLocal() {
filebuf = fs.createReadStream(Config.downloadUrl);
filebuf
.pipe(zlib.Unzip())
.pipe(tar.Extract({path: Config.installPath}))
.pipe(tar.extract({cwd: Config.installPath}))
.on('end', function () {
deferred.resolve();
})
Expand All @@ -165,7 +165,7 @@ function installDynamoDbLocal() {
}
redirectResponse
.pipe(zlib.Unzip())
.pipe(tar.Extract({path: Config.installPath}))
.pipe(tar.extract({cwd: Config.installPath}))
.on('end', function () {
deferred.resolve();
})
Expand Down
157 changes: 46 additions & 111 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 5 additions & 5 deletions package.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "dynamodb-local",
"description": "A wrapper for AWS DynamoDB Local, intended for use in testcases",
"version": "0.0.25",
"version": "0.0.26",
"license": "MIT",
"repository": "doapp-ryanp/dynamodb-local",
"author": {
Expand All @@ -23,10 +23,10 @@
"node": ">= 0.10.33"
},
"dependencies": {
"debug": "^4.1.0",
"mkdirp": "^0.5.0",
"q": "^1.4.1",
"tar": "^2.0.0"
"debug": "~4.1.0",
"mkdirp": "~0.5.0",
"q": "~1.4.1",
"tar": "~4.4.8"
},
"licenses": [
{
Expand Down

0 comments on commit 4e5153b

Please sign in to comment.