High severity vulnerability in gluegun dependency (apisauce)

infinitered / solidarity

Solidarity is an environment checker for project dependencies across multiple machines.

https://infinitered.github.io/solidarity/

MIT License

639 stars 49 forks source link

High severity vulnerability in gluegun dependency (apisauce) #260

Closed loiclouvet closed 3 years ago

loiclouvet commented 3 years ago

Hello :) Solidarity currently depends on gluegun@4.2.0 which depends on a version of axios with the high severity vulnerability https://www.npmjs.com/advisories/1594. Can we please upgrade gluegun to latest version ?

GantMan commented 3 years ago

Sounds good. Do you want to do a PR? If not I can put this on a TODO list.

loiclouvet commented 3 years ago

Hi @GantMan Sorry, didn't see your reply. I made a local PR but I'm waiting for this MR to be merged :)

GantMan commented 3 years ago

I merged that, now we'll just need a new version pushed and then an update. Thanks!