search

floatdrop / gulp-watch

Watch, that actually is an endless stream
MIT License
642 stars 99 forks source link

Update anymatch version in package.json #335

Open JonnyVaine opened 4 years ago

JonnyVaine commented 4 years ago

Hello,

Could you please update the version of anymatch in your package.json file?

While running npm audit, I get the following issue:

=== npm audit security report ===

Low | Regular Expression Denial of Service Package | braces Patched in | >=2.3.1 Dependency of | gulp-watch [dev] Path | gulp-watch > anymatch > micromatch > braces More info | https://nodesecurity.io/advisories/786

While only a low priority, would be good to be using most up to date versions.

JonnyVaine commented 4 years ago

@aglotoff @floatdrop

thezealousfool commented 4 years ago

Duplicate https://github.com/floatdrop/gulp-watch/issues/321

JayBox325 commented 4 years ago

I'm on 5.0.1 and yarn audit is still flagging this as a security issue.

RubenT86 commented 3 years ago

Still an issue.