Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Old lodash version shows a low severity vulnerability with npm audit #157

Closed
ktchernov opened this issue Jun 19, 2018 · 1 comment
Closed

Old lodash version shows a low severity vulnerability with npm audit #157

ktchernov opened this issue Jun 19, 2018 · 1 comment
Labels
duplicate

Comments

@ktchernov
Copy link
Contributor

When using npm version >6, there is a low level security errors when running npm audit, caused by using an old version of lodash: https://nodesecurity.io/advisories/577

Simply fixed by bumping lodash version.

PR: #155
@cdhowie
Copy link
Collaborator

cdhowie commented Dec 10, 2018

Closing this as a duplicate of #148, which has a subtask of updating dependencies to satisfy bitHound (which checks for vulnerabilities).

@cdhowie cdhowie closed this as completed Dec 10, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ktchernov @cdhowie