Closed prtksxna closed 4 years ago
Hmm.. that's strange since this library doesn't have any dependencies (apart from stuff for dev). They shouldn't even be installed if you're installing as a dependency yourself! Npm being a bit overzealous perhaps.
In any case, I'll look to fix. Thanks for reporting
Hmmm... Just to be sure, could these be vulnerabilities in other packages you've installed? What does it say if you run npm audit
?
$ npm install headroom.js --save
+ headroom.js@0.11.0
added 1 package from 1 contributor and audited 1 package in 1.24s
found 0 vulnerabilities
Just did a fresh install locally. No vulnerabilities reported.
I think this has been misattributed. Closing