makara icon indicating copy to clipboard operation
makara copied to clipboard

Published 20 hours ago verified publisher icon krakenjs

Update bundalo for security issue

Open jeremycohensolal opened this issue 6 years ago • 0 comments

Hello

actually npm audit gives this

image

This is because in the package.json you use bundalo 0.2.9 which is dependent of a lodash vesion which is unsafe.

Could you at least upgrade to 1.0.0 since lodash seems to has been removed from this version.

Actually applications using makara (or krakenjs) are flagged insecure by npm audit...

jeremycohensolal avatar Jul 23 '18 16:07 jeremycohensolal