NSP check is reporting vulnerability on latest Webpack package. #6513
Comments
|
I think chokidar at webpack/watchpack needs version bump, can submit a pr if that sounds good @sokra |
|
@EugeneHlushko PR welcome |
|
@webpack-bot move to webpack/watchpack |
|
I've moved it to webpack/watchpack. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Do you want to request a feature or report a bug?
What is the current behavior?
If the current behavior is a bug, please provide the steps to reproduce.
What is the expected behavior?
If this is a feature request, what is motivation or use case for changing the behavior?
Please mention other relevant information such as the browser version, Node.js version, webpack version, and Operating System.
Just executed the nsp check command on my project and it is reporting a vulnerability on latest webpack package due to a downstream dependency on the module hoek.
Please refer the link from node security: https://nodesecurity.io/advisories/566
Path: webpack >> watchpack@1.4.0>>chokidar@1.7.0>>fsevents@1.1.3>>node-pre-gyp@0.6.39>>hawk>>hoek
The text was updated successfully, but these errors were encountered: