gulp-reporter icon indicating copy to clipboard operation
gulp-reporter copied to clipboard

Published 20 hours ago verified publisher icon gucong3000

Upgrade `emphasize`

Open karlwilbur opened this issue 4 years ago • 0 comments

The emphasize package is currently locked to ^2.0.0. https://github.com/gucong3000/gulp-reporter/blob/80560d85b834307bd4cf77fb34257eacefde7781/package.json#L16

However, there have been multiple security-related updates to emphasize and its dependencies (such as highlight) since that version.

Ref:

  • https://github.com/advisories/GHSA-7wwv-vh3v-89cq (highlight : >=9.0.0, < 10.4.1)
  • https://github.com/advisories/GHSA-vfrc-7r7c-w9mx (highlight : >= 10.0.0, < 10.1.2)

Please update the emphasize package version dependency to ^4.2.0.

karlwilbur avatar Feb 10 '21 16:02 karlwilbur