Bump version of async in package.json

http-party / node-portfinder

A simple tool to find an open port or domain socket on the current machine

https://github.com/http-party/node-portfinder

Other

882 stars 95 forks source link

Bump version of async in package.json #132

Closed MasterOdin closed 2 years ago

MasterOdin commented 2 years ago

PR bumps the version of async dependency in package.json so that it's not possible to get a vulnerable version of async via this dependency. #130 only bumped the version in the package-lock.json file which only affects this repository, and not downstream consumers.

eriktrom commented 2 years ago

@MasterOdin - gratzi for saving me some time here :)