browserify-fs icon indicating copy to clipboard operation
browserify-fs copied to clipboard

Published 20 hours ago β€’ verified publisher icon mafintosh

fix: πŸ› Updated levelup version to 4.2.0 fixing audit

Open srepollock opened this issue 5 years ago β€’ 14 comments

Closes: #20

srepollock avatar Sep 09 '19 01:09 srepollock

@mafintosh please merge this and create an updated release

favna avatar Sep 09 '19 11:09 favna

I would like to request for a change, if that's okay. There is another vulnerability in levelup. the problem had been fixed already form their side https://github.com/Level/levelup/issues/676. However, I'm not sure if it will be a patch/minor version bump. if not, then we need to update this package.json as well. refer to this picture for the vulnerabilities that I had faced using rollup plugin.

akoushke avatar Sep 21 '19 20:09 akoushke

@srepollock This PR is incomplete. There have been breaking changes between levelup 0.x and 4 you'll need to account for.

vweevers avatar Sep 21 '19 20:09 vweevers

@mafintosh, have you had a chance to look at this yet? It would help us out a lot if this were fixed.

Vehmloewff avatar Dec 31 '19 22:12 Vehmloewff

I don’t have any time to review this. If someone wants to take it over let me know.

mafintosh avatar Jan 01 '20 08:01 mafintosh

@mafintosh user @lcsvcn has approved this and I addressed the issues @Vehmloewff commented on. Is there any more reason stopping this from being merged in?

srepollock avatar Jul 11 '20 20:07 srepollock

I apologize and would like to update this thread for the sake of @trevorblades . I have accidentally deleted the GitHub repo referenced in the PR here. I have recreated the repo and made the necessary changes here. I will have a release set up as well to pull from NPM, but I would suggest that this PR get some movement.

If because I deleted the repo there is no way to merge in this PR, please @ me here and I can submit a new one with the new repo. Cheers

srepollock avatar Aug 12 '20 17:08 srepollock

@srepollock github maintains the code changes of deleted repos, thankfully. In the past it would've auto closed this PR but no more.

favna avatar Aug 12 '20 23:08 favna

Thanks for restoring that repo @srepollock!

trevorblades avatar Aug 19 '20 21:08 trevorblades

Any updates?

jdalrymple avatar Oct 19 '20 10:10 jdalrymple

Could someone teach me how to use @srepollock's fixed version of the repo instead of this version? Seeing that this PR will not be merged anytime soon.

SamsonChoo avatar Nov 19 '20 09:11 SamsonChoo

@SamsonChoo npm i srepollock-browserify-fs https://www.npmjs.com/package/srepollock-browserify-fs

srepollock avatar Nov 20 '20 00:11 srepollock

Hi this appears to still be an open issue. Is there a way to move this along and get it resolved? Happy to help in anyway I can

penfold45 avatar Feb 17 '22 10:02 penfold45

@penfold45 currently the solution is to fork and fix yourself or to use someone else's fix. The developer seems to be inactive on here at this time.

srepollock avatar Feb 17 '22 16:02 srepollock