It's nice that you're being active and opening issues (like: https://github.com/jedireza/drywall/issues/343). But a PR is a much more productive way to spend the energy. We have badges displayed in the readme for this.
I'm renaming the issue and adding the help-wanted flag. You're welcome and encouraged to join in and contribute. Just to be clear, I'm asking that you refrain from opening more issues about "insecure dependencies" that don't include a PR.
While we're at it let's review the badges we're displaying:
In this case the insecure dependency (hapi@11.x a dev-dependency) is only installed when running the test suite for this repo. In an app consuming this module, the version of hapi they install is set by them.
It's nice that you're being active and opening issues (like: https://github.com/jedireza/drywall/issues/343). But a PR is a much more productive way to spend the energy. We have badges displayed in the readme for this.
I'm renaming the issue and adding the help-wanted flag. You're welcome and encouraged to join in and contribute. Just to be clear, I'm asking that you refrain from opening more issues about "insecure dependencies" that don't include a PR.
While we're at it let's review the badges we're displaying:
In this case the insecure dependency (
hapi@11.x
a dev-dependency) is only installed when running the test suite for this repo. In an app consuming this module, the version ofhapi
they install is set by them.Thanks again. I look forward to a PR :+1: