fix: resolve security updates by updating all dependencies

chargetrip / clusterbuster

A Mapbox Vector Tile (MVT) map tiling server with built-in clustering and filtering

MIT License

92 stars 18 forks source link

fix: resolve security updates by updating all dependencies #47

Closed timkuilman closed 4 years ago

timkuilman commented 4 years ago

I have followed the instructions in this article to resolve the security issues in this repository. I basically updated all of the dependencies and confirmed that the issues are resolved by running npm audit.

@cosmin-petrescu are you fine with these updates? The alternative would have been to only update the effected packages and force the usage of for example minimist 1.2.5 using yarn resolutions. Though I think updating other packages does make sense.

cosmin-petrescu commented 4 years ago

:tada: This PR is included in version 2.6.1 :tada:

The release is available on:

GitHub release
npm package (@latest dist-tag)

Your semantic-release bot :package::rocket: