Closed josspo closed 1 year ago
@josspo - thanks for the PR.
Unfortunately we cannot add npm update
in the build, otherwise the flawed dependencies would be updated to its latest version, and therefore change the outcome of the build.
It is also not advised to run npm update
automatically; new versions should be manually updated and verified by developers.
Closing the PR.
adding the command
npm update --save
before runningnpx --yes auditjs ossi --whitelist allow-list.json
to update dependency