Vulnerability in lodash.template dependency

GoogleChromeLabs / sw-precache

[Deprecated] A node module to generate service worker code that will precache specific resources so they work offline.

https://developers.google.com/web/tools/workbox/guides/migrations/migrate-from-sw

Apache License 2.0

5.22k stars 388 forks source link

Vulnerability in lodash.template dependency #385

Open midzer opened 5 years ago

midzer commented 5 years ago

GitHub security rants for one of my projects:

1 lodash.template vulnerability found in yarn.lock yesterday Remediation Upgrade lodash.template to version 4.5.0 or later. For example: lodash.template@^4.5.0: version "4.5.0"

sw-precache currently has lodash.template ^4.4.0 has dependency.

Happy weekend midzer

fabianoramos78 commented 5 years ago

Hi:

Just run:

npm i --save lodash lodash.template

yarn add lodash lodash.template

And push your project again and done!