Update node-notifier dependency to v5.2.1

Turbo87 / webpack-notifier

webpack + node-notifier = build status system notifications

ISC License

306 stars 41 forks source link

Update node-notifier dependency to v5.2.1 #36

Closed naidraikzir closed 6 years ago

naidraikzir commented 6 years ago

Github says Marked has a known moderate severity security vulnerability in version range < 0.3.9. Here is the link CVE-2017-17461. node-notifier v5.2.1 doesn't use marked anymore.

fix #35

Turbo87 commented 6 years ago

Seems good to me, thanks! Can you remove the lockfile from the PR?

naidraikzir commented 6 years ago

@Turbo87 Done 👍

Turbo87 commented 6 years ago

Thanks :)

fitztrev commented 6 years ago

@Turbo87 Could you please tag a release that includes this?

Turbo87 commented 6 years ago

I'm on vacation right now without my laptop so unfortunately the answer is no until I get back, sorry.

fitztrev commented 6 years ago

@Turbo87 no problem, it can wait 😄 Thanks