Dependency update to resolve npm audit issues #16
Labels
Type: Security
Vulnerability disclosure or Fixing security issue
Comments
|
https://github.com/azu/can-npm-publish/releases/tag/v1.3.4 fix this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
This project is causing npm audit to fail for my builds, I was hoping it is ok if I submit a pr to resolve the audit issues.
` === npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ trim-newlines │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=3.0.1 <4.0.0 || >=4.0.1 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ can-npm-publish [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ can-npm-publish > meow > trim-newlines │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1753 │
└───────────────┴──────────────────────────────────────────────────────────────┘
`
The text was updated successfully, but these errors were encountered: