vorpal icon indicating copy to clipboard operation
vorpal copied to clipboard

Published 20 hours ago verified publisher icon dthree

Node Security Issue with lodash: 577 - Prototype Pollution

Open johncblandii opened this issue 6 years ago • 8 comments

screen shot 2018-05-14 at 6 04 49 pm

We need a lodash update. It'd be a good time to release to resolve #301 as well.

johncblandii avatar May 14 '18 23:05 johncblandii

I can approve this. +1

AukeTembrink avatar Jul 27 '18 18:07 AukeTembrink

It still seems to be a problem on 1.12.0 according to Snyk (https://app.snyk.io/test/npm/vorpal/1.12.0).

Berkmann18 avatar Jun 05 '19 14:06 Berkmann18

I'm pretty sure this project is dead, @Berkmann18.

johncblandii avatar Jun 07 '19 05:06 johncblandii

@johncblandii I hope not. @dthree ?

Berkmann18 avatar Jun 07 '19 09:06 Berkmann18

Why has this not been merged, rather unacceptable that a high security vulnerability has been here for over a year

tsujp avatar Oct 09 '19 08:10 tsujp

@tsujp Because the project is dead and the old vorpal admins haven’t put anyone else in charge.

slinkardbrandon avatar Oct 09 '19 11:10 slinkardbrandon

@slinkardbrandon I guess either https://github.com/vorpaljs-reforged/vorpal or https://github.com/oclif/oclif is the play now.

tsujp avatar Oct 09 '19 11:10 tsujp

I'm starting using this fork: npm i @moleculer/vorpal

davidnussio avatar Oct 25 '19 15:10 davidnussio