Closed idleberg closed 6 years ago
After adding eclint to my dependencies, GitHub warns me about one sub-dependency of being vulnerable.
eclint
─┬ gulp-reporter@2.8.2 ├─┬ goo.gl@0.1.4 │ ├── commander@2.2.0 │ ├── q@1.0.1 │ └─┬ request@2.40.0 │ ├── aws-sign2@0.5.0 │ ├── forever-agent@0.5.2 │ ├─┬ form-data@0.1.4 │ │ ├── async@0.9.2 │ │ ├─┬ combined-stream@0.0.7 │ │ │ └── delayed-stream@0.0.5 │ │ └── mime@1.2.11 │ ├─┬ hawk@1.1.1 │ │ ├─┬ boom@0.4.2 │ │ │ └── **hoek@0.9.x** │ │ ├─┬ cryptiles@0.2.2 │ │ │ └── boom@0.4.2 deduped │ │ ├── **hoek@0.9.x** │ │ └─┬ sntp@0.2.4 │ │ └── **hoek@0.9.x**
I know that this is possibly out of your scope, but wanted to report it anyway.
fixed in gulp-reporter@2.8.3
After adding
eclint
to my dependencies, GitHub warns me about one sub-dependency of being vulnerable.I know that this is possibly out of your scope, but wanted to report it anyway.