search

commitizen / cz-cli

The commitizen command line utility. #BlackLivesMatter
http://commitizen.github.io/cz-cli/
MIT License
16.7k stars 547 forks source link

npm audit vulnerability from "merge" package #827

Closed h13o closed 3 years ago

h13o commented 3 years ago

"merge < 2.1.1" package shows deprecation. I think updating the package to 2.1.1 will solve this issue.

About Vulnerability https://snyk.io/test/npm/commitizen/4.2.3 https://snyk.io/test/npm/merge/2.1.0

merge 2.1.1 fixed the vulnerability https://snyk.io/test/npm/merge/2.1.1

mybrainishuge commented 3 years ago

See https://github.com/commitizen/cz-cli/issues/825 and https://github.com/commitizen/cz-cli/pull/824

h13o commented 3 years ago

Thanks!