captainrandom
commented
4 years ago This website shows which versions of minimist have vulnerabilities: https://app.snyk.io/vuln/npm:minimist
Closed captainrandom closed 4 years ago
captainrandom
commented
4 years ago This website shows which versions of minimist have vulnerabilities: https://app.snyk.io/vuln/npm:minimist
This fixes the security vunerabilities in minimist. I'm upgrading sharp to the latest version, as minimist is one of sharp's dependencies.
As one can see I've not only upgraded minimist from the package-lock.json file, building the files seems to still run (not 100% sure if the data is correct though ... we really should have an end to end integration test for this at some point to make sure upgrades among other changes don't break things).
Screenshots
to be updated with screenshots ...
What I did
Also one can check by pulling the branch running npm install and then running npm ls minimist to show the installed version of minimist (which can also be seen in the package-lock.json file).