Closed dsmorse closed 4 years ago
@dsmorse - thanks for contributing this! Can you please join our contributors community by signing JFrog's CLA so that we can merge this?
No problem. I have submitted it
Looks like this one can be closed, since version 2.0.10 includes the upgrade of the request package.
Description This PR fixes one or more vulnerable packages in the npm dependencies of this project. See the Snyk test report for more details.
Snyk Project: dsmorse/bower-art-resolver:package.json Snyk Organization: dsmorse Lockfile If you are using package-lock.json or yarn.lock, please re-lock your dependencies and push an updated lockfile before merging this PR.
Changes included in this PR Changes to the following files to upgrade the vulnerable dependencies to a fixed version: package.json Vulnerabilities that will be fixed With an upgrade: npm:cryptiles:20180710 npm:hoek:20180212 npm:tunnel-agent:20170305