Closed colinrotherham closed 6 months ago
See GitHub Advisory: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
This PR also runs npm update --save to pick up minor/patch versions for other packages
npm update --save
Closes https://github.com/alphagov/govuk-prototype-kit/issues/2383
Updating from browser-sync@2.29.3 → browser-sync@3.0.2 is a non-breaking change for this project
browser-sync@2.29.3
browser-sync@3.0.2
The vulnerability only affected Browsersync config tunnel: true which is not used by the Prototype Kit
tunnel: true
thanks this is good and we should do it, but just for clarity, we don't use that option so it's not currently a vulnerability that affects our users I dont think
See GitHub Advisory: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
This PR also runs
npm update --save
to pick up minor/patch versions for other packagesCloses https://github.com/alphagov/govuk-prototype-kit/issues/2383
Browsersync update
Updating from
browser-sync@2.29.3
→browser-sync@3.0.2
is a non-breaking change for this projectThe vulnerability only affected Browsersync config
tunnel: true
which is not used by the Prototype Kit