Is it possible to upgrade the dependency Base64 from the current ~0.2.0 to latest (1.1.0)?
I have verified that Base64 is really only used once in http-browserify code and changing versions wouldn't break anything even though the semver indicates otherwise.
The root cause of my problems is that Base64 v0.2.0 offers WTFPL which is not white listed in our org. So static code analysis tools flag it as a policy violation. Base64 v 1.1.0 , on the other hand allows Apache 2.0 which is white listed in our org.
If there is a way to install the latest version of Base64 and make http-browserify point to this latest version then that could work as well. Note that webpack aliasing won't work since we need to pass static code analysis scrutiny which probably works off package-lock.json
Is it possible to upgrade the dependency
Base64from the current~0.2.0to latest (1.1.0)?I have verified that
Base64is really only used once inhttp-browserifycode and changing versions wouldn't break anything even though the semver indicates otherwise.The root cause of my problems is that
Base64 v0.2.0offers WTFPL which is not white listed in our org. So static code analysis tools flag it as a policy violation.Base64 v 1.1.0, on the other hand allows Apache 2.0 which is white listed in our org.If there is a way to install the latest version of
Base64and makehttp-browserifypoint to this latest version then that could work as well. Note that webpack aliasing won't work since we need to pass static code analysis scrutiny which probably works offpackage-lock.json