fix: Bump glob-all to remove vulnerable minimist version

iandotkelly / nlf

Node License Finder

MIT License

153 stars 41 forks source link

fix: Bump glob-all to remove vulnerable minimist version #64

Closed rajivshah3 closed 4 years ago

rajivshah3 commented 4 years ago

Fixes #63

glob-all included a vulnerable version of minimist as a nested dependency. This is removed in glob-all3.2.1.

coveralls commented 4 years ago

Coverage remained the same at 95.402% when pulling ce474d5665735072bfec98fa64f4fb791eb4cc71 on rajivshah3:fix/minimist into fdd5f9111515e2f4490068d05536ccc6311e3f2d on iandotkelly:master.

Hypnosphi commented 4 years ago

@iandotkelly can you please release this?

Hypnosphi commented 4 years ago

@iandotkelly sorry for pinging you again. Do you think you can give me publish permissions on NPM, so that I would publish this for you? https://www.npmjs.com/~hypnosphi

Hypnosphi commented 3 years ago

I have published the latest master as a scoped package @hypnosphi/nlf