Permalink
Browse files

Remove NPM warning about minimatch RegExp DoS issue

Update dependencies `glob` and `minimatch` to latest versions to avoid
warning about minimatch RegExp DoS issue:

    warning minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
    warning glob > minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

Advisory can be found here:

  https://nodesecurity.io/advisories/118

and the fix to `minimatch` issue itself:

  isaacs/minimatch@6944abf
1 parent c752a24 commit de94445e6c4bea4a1342bdf5a093f9104f0884b6 @oherrala oherrala committed Dec 15, 2016
Showing with 2 additions and 2 deletions.
  1. +2 −2 package.json
View
@@ -16,8 +16,8 @@
"dependencies": {
"acorn": "^3.2.0",
"enhanced-resolve": "^2.2.2",
- "glob": "3",
- "minimatch": "0.2",
+ "glob": "^7.1.1",
+ "minimatch": "^3.0.3",
"resolve-from": "2.0.0"
},
"devDependencies": {

0 comments on commit de94445

Please sign in to comment.