Closed eercanayar closed 5 years ago
This was the package that made news a while back that had the security vulnerability, it was removed from npm. It was since fixed.
See here: https://github.com/dominictarr/event-stream/issues/116.
Removing the package-lock.json and running npm install will update your dependencies with the new version.
@baumandm - I can submit a PR, would you prefer an update to only the single dependency?
That would be great! Probably safer to include the entire package-lock.json
.
cyclotron-site/package.json
requiresevent-stream@3.3.6
indirectly and this package is suspended because of a security vulnerability. You can have a look at npm blog. How can we solve this dependency problem? It causes failure whennpm install
is run.