openbudgetoakland icon indicating copy to clipboard operation
openbudgetoakland copied to clipboard

Published 20 hours ago verified publisher icon openoakland

fix vulnerabilities

Open ckingbailey opened this issue 5 years ago • 3 comments

There are ~500 vulnerabilities on the various dependencies.

Many can probably be automatically fixed with npm audit fix.

Screen Shot 2019-06-11 at 8 53 51 PM

ckingbailey avatar Jun 12 '19 04:06 ckingbailey

This is so scary! There is a huge potential for breaking things, yet we have to try, don't we? 😫

nydame avatar Jul 03 '19 03:07 nydame

I got it down to 1. Initial research suggests the way babel-cli works has changed a bit so resolving this one might prove onerous. I'll give it a whirl, and if it requires too many changes, I think it'd be ok to leave it for now. It's severity is low.

Screen Shot 2019-07-03 at 9 46 14 AM

ckingbailey avatar Jul 03 '19 16:07 ckingbailey

Thank you! Feel free to create a pull request whenever you're ready. I've been working on my review-and-deploy-pull-requests workflow, and I'm feeling pretty confident about it now.

nydame avatar Jul 17 '19 17:07 nydame