Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

handlebars dependency in istanbul-reports needs to be updated #293

Closed
nbj opened this issue Feb 14, 2019 · 4 comments
Closed

handlebars dependency in istanbul-reports needs to be updated #293

nbj opened this issue Feb 14, 2019 · 4 comments

Comments

@nbj
Copy link

nbj commented Feb 14, 2019

As of Feb. 14th 2019 istanbul-reports is broken due to vulnerability in the dependency of handlebars.

See: https://www.npmjs.com/advisories/755

This should be an easy fix, alas I was not allowed to push a PR.
@nbj
Copy link
Author

nbj commented Feb 14, 2019

I can see a PR has been made, but it is in a broken state. A fix would be much appreciated, as our CI depends on this working :)

@nbj
Copy link
Author

nbj commented Feb 14, 2019

@YuriGor has made a PR: #294

Looking forward to getting it tagged :)

@jungleBadger jungleBadger mentioned this issue Feb 14, 2019
Closed
@coreyfarrell
Copy link
Member

Please be patient. I appreciate the trouble you are having in CI but istanbul / nyc has no full-time/paid staff, just a few main people who volunteer time to help maintain this project.

I'm just now seeing this issue and have merged the update to istanbul-reports (it's 8AM local time for me).

@coreyfarrell
Copy link
Member

Updated istanbul libraries are now published. It'll take me a bit longer to get an update to nyc published (ref istanbuljs/nyc#991).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@coreyfarrell @nbj