search

TomFrost / Bristol

Insanely configurable logging for Node.js
MIT License
113 stars 19 forks source link

Moment dependency needs to be updated due to security advisory #26

Closed ghost closed 7 years ago

ghost commented 7 years ago

Moment should be updated to at least 2.11.2.

https://nodesecurity.io/advisories/55

MarkHerhold commented 7 years ago

Bristol's version range isn't preventing you from using newer versions of moment.

  "dependencies": {
    "moment": "^2.14.1"
  }
TomFrost commented 7 years ago

Moment's been forced to ^2.17.1 in the latest master.

MartijnR commented 6 years ago

Would be great to publish a new version with this change.