Closed snyk-community closed 7 years ago
@snyk-community, thank you for this PR! Can you please sign JFrog's CLA so that we can merge this?
Is there a plan to merge this change soon ?
@prycec, since we can't merge this pull request, we'll soon implement this through a different commit.
@prycec and @snyk-community, Version 2.0.8 of the bower-art-resolver package includes the change.
bower-art-resolver currently has a 2 vulnerable dependency paths, introducing 2 different types of known vulnerabilities.
This PR fixes vulnerable dependencies.
hawk
dependency.request
dependency.You can see Snyk test report of this project for details.
This PR changes
Package.json
to upgraderequest
to the newer 2.74.0 version, and will fix all the vulnerabilities.You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.
Stay Secure, The Snyk Team