calvinmetcalf / rollup-plugin-node-builtins


[npm audit] found 2 moderate severity vulnerabilities => need a package update #47

Open fabien-h opened 5 years ago

fabien-h commented 5 years ago

Hi, the audit on the plugin gives these two errors:

Could you consider a package update?

For the future, you could use https://greenkeeper.io/. It takes care of continuously updating your dependencies and warns you if it breaks some tests.

Moderate        Regular Expression Denial of Service
Package         semver
Patched in      >=4.3.2
Dependency of   rollup-plugin-node-builtins [dev]
Path            rollup-plugin-node-builtins > browserify-fs > levelup > semver
More info       https://nodesecurity.io/advisories/31

Moderate        Memory Exposure
Package         bl
Patched in      >=0.9.5 <1.0.0 || >=1.0.1
Dependency of   rollup-plugin-node-builtins [dev]
Path            rollup-plugin-node-builtins > browserify-fs > levelup > bl
More info       https://nodesecurity.io/advisories/596
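Added example (not part of this thread or of the plugin's code): a small gate over the JSON form of the same report (`npm audit --json`), which turns the two table entries above into a CI check that fails only at or above a chosen severity and names the package in the path that has to bump its own dependency. The sample report is constructed to mirror the two advisories quoted here, and the `advisories` / `findings` / `paths` layout is assumed to follow the npm 6 JSON format.

```javascript
// Added example, not code from the issue or the plugin. Reads an `npm audit --json`
// report (npm 6 "advisories" shape, assumed) and gates on severity.
// Usage:  npm audit --json > audit.json && node audit-gate.js audit.json
// Without a file argument the constructed sample below is used.

const SEVERITY_RANK = { info: 0, low: 1, moderate: 2, high: 3, critical: 4 };

// Constructed sample mirroring the two findings quoted in the issue.
const SAMPLE_REPORT = {
  advisories: {
    "31": {
      id: 31,
      module_name: "semver",
      severity: "moderate",
      title: "Regular Expression Denial of Service",
      patched_versions: ">=4.3.2",
      url: "https://nodesecurity.io/advisories/31",
      findings: [
        { version: "2.3.2", dev: true,
          paths: ["rollup-plugin-node-builtins>browserify-fs>levelup>semver"] },
      ],
    },
    "596": {
      id: 596,
      module_name: "bl",
      severity: "moderate",
      title: "Memory Exposure",
      patched_versions: ">=0.9.5 <1.0.0 || >=1.0.1",
      url: "https://nodesecurity.io/advisories/596",
      findings: [
        { version: "0.8.2", dev: true,
          paths: ["rollup-plugin-node-builtins>browserify-fs>levelup>bl"] },
      ],
    },
  },
};

// Flatten the report into one record per (advisory, dependency path),
// dropping anything below the chosen severity and, optionally, dev-only paths.
function collectFindings(report, { minSeverity = "moderate", includeDev = true } = {}) {
  const threshold = SEVERITY_RANK[minSeverity];
  if (threshold === undefined) throw new Error(`unknown severity: ${minSeverity}`);
  const out = [];
  for (const adv of Object.values(report.advisories || {})) {
    if ((SEVERITY_RANK[adv.severity] ?? -1) < threshold) continue;
    for (const f of adv.findings || []) {
      if (!includeDev && f.dev) continue;
      for (const path of f.paths || []) {
        const segments = path.split(">");
        out.push({
          id: adv.id,
          module: adv.module_name,
          severity: adv.severity,
          installed: f.version,
          patchedIn: adv.patched_versions,
          path,
          // The package right before the vulnerable module in the path is the
          // one whose own dependency range must move into the patched versions.
          directParent: segments.length > 1 ? segments[segments.length - 2] : null,
          url: adv.url,
        });
      }
    }
  }
  // Most severe first, then by path so output is stable between runs.
  return out.sort((a, b) =>
    SEVERITY_RANK[b.severity] - SEVERITY_RANK[a.severity] || a.path.localeCompare(b.path));
}

// One readable entry per finding, in the spirit of the npm audit table.
function formatFinding(f) {
  return `${f.severity.toUpperCase()} ${f.module}@${f.installed} (patched in ${f.patchedIn})\n` +
         `  via ${f.path}\n  fix by updating ${f.directParent}; ${f.url}`;
}

// Exit status for a CI step: non-zero while anything at or above the threshold remains.
function auditExitCode(report, opts) {
  return collectFindings(report, opts).length > 0 ? 1 : 0;
}

function main(reportPath) {
  const report = reportPath
    ? JSON.parse(require("fs").readFileSync(reportPath, "utf8"))
    : SAMPLE_REPORT;
  const findings = collectFindings(report);
  for (const f of findings) console.log(formatFinding(f));
  console.log(`${findings.length} finding(s) at or above moderate`);
  // Only fail the process for a real report; the built-in sample is a demo.
  if (reportPath) process.exitCode = auditExitCode(report);
}

if (typeof require !== "undefined" && require.main === module) main(process.argv[2]);
```

Running it against the sample prints both moderate findings and points at `levelup` as the package that has to move to patched `semver` and `bl` releases, which is the same conclusion the thread reaches by hand; with `{ includeDev: false }` both findings drop out, which is the usual choice for build-time-only dependencies.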

izelnakri commented 5 years ago

@calvinmetcalf ^^

AndrewSerra commented 5 years ago

I had the same message as well @calvinmetcalf ^^

davidfig commented 5 years ago

I've been using this fork until these vulnerabilities are updated: https://github.com/joseph184/rollup-plugin-node-builtins

yarn add @joseph184/rollup-plugin-node-builtins

mhkeller commented 5 years ago

Would be great to update this

srepollock commented 5 years ago

I have pushed an updated fix to browserify-fs as a new version (browserify-fs@1.0.1) in a pull request. Please make some noise and get this push through.