mathesar
mathesar copied to clipboard
Bump tmpl to latest version when npm audit raises alert
Description
Dependabot has raised a PR, force updating tmpl: https://github.com/centerofci/mathesar/pull/675, due to a security vulnerability in the version our packages depend on.
This package is used by one of the dependencies of the entire dependency tree. Forcing a version update might break any of those packages silently.
npm audit has not raised a warning yet. This vulnerability is a main concern only on a server environment (node js). We can update parent packages/force update this package when npm audit raises a warning.