Security vulnerabilities in Reload and Socket

Open Martination opened this issue 7 years ago • 0 comments

NPM is reporting 19 vulnerabilities (12 low, 2 moderate, 4 high, 1 critical) in the packages for the project. Reload 1.0.0 is responsible for 10 of them and NPM suggests upgrading to 2.3.0. Socket 1.4.8 is responsible for 9 of them and NPM suggests upgrading to 2.1.1.

However, these are breaking changes. While this isn't a public site and it doesn't have much chance of being exploited in this case, I'm sure a lot of people build off of this code and it sets a good example for security and maintaining projects.

Jul 07 '18 20:07 Martination