walterjohan
commented
6 years ago I get the same, is there any chance that these packages will be updated, or can we do that manually without breaking anything?
Open ScarletLovell opened 6 years ago
walterjohan
commented
6 years ago I get the same, is there any chance that these packages will be updated, or can we do that manually without breaking anything?
When using
NPM iwith electron-prebuilt-compile as a depend in my package.json, it follows up with these vulnerabilitieshoek has 4 errors on Prototype pollution https://nodesecurity.io/advisories/566
uglify-js has Incorrect Handling of Non-Boolean Comparisons During Minification & Regular Expression Denial of Service https://nodesecurity.io/advisories/39
Both seem to be through the electron-compilers nested depend