Skip to content
This repository has been archived by the owner on Dec 1, 2019. It is now read-only.

Dependencies (micromatch) Security Vulnerabilities #638

Open
michal-ayash opened this issue Jul 28, 2019 · 1 comment
Open

Dependencies (micromatch) Security Vulnerabilities #638

michal-ayash opened this issue Jul 28, 2019 · 1 comment

Comments

@michal-ayash
Copy link

This package requires an old version of 'micromatch' (3.1.10) that requires 'set-value' with old version (2.0.0) which has vulnerability issue.
Updating the package to require the latest version of micromatch will resolve the issue.

Thanks,
Michal.
@gingerchris
Copy link

I made an attempt at this here #645
But it would need this project to effectively abandon support for node 7.

What is the feeling around that?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gingerchris @michal-ayash