Closed mannyluvstacos closed 2 years ago
@cloudhead : Besides fixing the vulnerability, I've added a few test tweaks to get CI passing again, but it really seems that going with the full ESM approach (e.g., in CLI), that v12 is not gonna work. Since there are less than 4 months until v12 expires, what do you say about requiring Node 14?
@cloudhead : I've just pushed a commit to fix CI as our package-lock had needed updating too.
@cloudhead : Besides fixing the vulnerability, I've added a few test tweaks to get CI passing again, but it really seems that going with the full ESM approach (e.g., in CLI), that v12 is not gonna work. Since there are less than 4 months until v12 expires, what do you say about requiring Node 14?
I think that makes sense.
A Security Vuln was identified in the Colors package for >1.4.0, offending packages being
1.4.1
,1.4.44-liberty
This PR pins the color package to
1.4.0
as advised on the snyk page