search

cameronhunter / local-ssl-proxy

Simple SSL HTTP proxy using a self-signed certificate. Intended for local development only.
MIT License
690 stars 66 forks source link

Update dependencies and test #109

Closed smorimoto closed 1 year ago

smorimoto commented 1 year ago

Vulnerabilities in child dependencies of this package cause GitHub security scans to complain. To fix that, this PR makes a massive elimination of whole dependencies.

branch Prod Dev
master 15 532
smorimoto:npm-audit-fix 7 233
smorimoto commented 1 year ago

Use the "hide whitespace changes" option for easier viewing: https://github.com/cameronhunter/local-ssl-proxy/pull/109/files?diff=split&w=1

smorimoto commented 1 year ago

You can see the CI result here: https://github.com/smorimoto/local-ssl-proxy/actions/runs/4137055622/jobs/7151740392

meshuamam commented 1 year ago

🎉

smorimoto commented 1 year ago

ping @cameronhunter I'd like to fix this. Do you have time to review this?

└─ local-ssl-proxy@npm:1.3.0 (via npm:1.3.0)
   └─ nomnom@npm:1.8.1 (via npm:^1.8.1)
      └─ underscore@npm:1.6.0 (via npm:~1.6.0)

https://github.com/advisories/GHSA-cf4h-3jhx-xvhq

cameronhunter commented 1 year ago

I've rebuilt the package with TypeScript and updated all the dependencies. yarn npm audit -R isn't reporting any suggestions, so I think we're good here.