node-lifx
node-lifx copied to clipboard
Please update vulnerable dependencies
I went ahead and ran npm install
and it found quite a few vulnerable packages:
found 450 vulnerabilities (239 low, 206 moderate, 4 high, 1 critical)
Running npm audit fix
didn't get them all. I had to run npm audit fix --force
to fix them all. It said some dependencies had breaking changes, but everything's working for me so maybe it's looking at the version number changes. Either way, GitHub also has a service where it will automatically pull-request changes to vulnerable packages.
I would love it if this library could be updated with these changes.