metalsmith-assets icon indicating copy to clipboard operation
metalsmith-assets copied to clipboard

Published 20 hours ago verified publisher icon treygriffith

Update package.json

Open wdullaer opened this issue 8 years ago • 3 comments

Fixes a security vulnerability in one of recursive-readdir's dependencies

wdullaer avatar Oct 28 '16 09:10 wdullaer

Push! This is important! @wdullaer

axe312ger avatar Nov 10 '16 11:11 axe312ger

Maybe also consider update the other dependencies. This module is pretty small and simple, nothing should break.

axe312ger avatar Nov 10 '16 11:11 axe312ger

Yup

The version of "debug" ("~2.2.0") also has a known vulnerability.

Changing it to "^2.2.0" (or "^2.6.9") should do the trick.

See https://nodesecurity.io/advisories/534

pft avatar Oct 26 '18 15:10 pft