Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security vulnerability - ansi-regex@4.1.0 #1919

Closed
graniczny opened this issue Sep 23, 2021 · 3 comments
Closed

Security vulnerability - ansi-regex@4.1.0 #1919

graniczny opened this issue Sep 23, 2021 · 3 comments
Labels
released

Comments

@graniczny
Copy link

  • Nodemon version: 2.0.12

Description

Security vulnerability - ansi-regex@4.1.0
https://snyk.io/vuln/npm:ansi-regex

Solution

Update package that has vulnerable dependency

+-- nodemon@2.0.12
| `-- update-notifier@4.1.3
|   `-- boxen@4.2.0
|     +-- ansi-align@3.0.0
|     | `-- string-width@3.1.0
|     |   `-- strip-ansi@5.2.0
|     |     `-- ansi-regex@4.1.0
@remy remy closed this as completed in 90e7a3e Sep 23, 2021
@github-actions
Copy link

🎉 This issue has been resolved in version 2.0.13 🎉

The release is available on:

Your semantic-release bot 📦🚀

@graniczny
Copy link
Author

@remy I think this issue is still not resolved in 2.0.13

| `-- update-notifier@5.1.0
|   `-- boxen@5.1.2
|     +-- ansi-align@3.0.0
|     | `-- string-width@3.1.0
|     |   `-- strip-ansi@5.2.0
|     |     `-- ansi-regex@4.1.0

@remy
Copy link
Owner

remy commented Sep 24, 2021

You need to track the issue at the source: nexdrew/ansi-align#61

@remy remy mentioned this issue Sep 29, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@remy @graniczny