joelanman
commented
6 months ago thanks this is good and we should do it, but just for clarity, we don't use that option so it's not currently a vulnerability that affects our users I dont think
Closed colinrotherham closed 6 months ago
joelanman
commented
6 months ago thanks this is good and we should do it, but just for clarity, we don't use that option so it's not currently a vulnerability that affects our users I dont think
See GitHub Advisory: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
This PR also runs
npm update --saveto pick up minor/patch versions for other packagesCloses https://github.com/alphagov/govuk-prototype-kit/issues/2383
Browsersync update
Updating from
browser-sync@2.29.3→browser-sync@3.0.2is a non-breaking change for this projectThe vulnerability only affected Browsersync config
tunnel: truewhich is not used by the Prototype Kit