Whitesource fixes - Githubissues

inmar / twine.js

A pipeline-based, extendable, fluent request library.

MIT License

1 stars 0 forks source link

Whitesource fixes #87

Closed llovett2 closed 3 years ago

llovett2 commented 3 years ago

Fixing vulnerabilities noted by WhiteSource Bolt

DV8FromTheWorld commented 3 years ago

This seems fine to me, however, due to how lerna works, you need to not bump the package version to 0.1.6 like this. Instead, after the PR merge, you can run lerna version locally and it will:

bump the package number for all packages
package up the packages
publish them

As such, to merge this, we need to remove the 0.1.6 bump.

llovett2 commented 3 years ago

This seems fine to me, however, due to how lerna works, you need to not bump the package version to 0.1.6 like this. Instead, after the PR merge, you can run lerna version locally and it will:

bump the package number for all packages

package up the packages

publish them

As such, to merge this, we need to remove the 0.1.6 bump.

Got it, thanks. Removing those changes now