jhamlet / svg-react-loader

Webpack SVG to React Component Loader
MIT License

Fix npm audit security vulnerabilities. #105

Closed benwiley4000 closed 6 years ago

benwiley4000 commented 6 years ago

Hey! Thanks for this project. :)

I was unable to automatically resolve the css vulnerability in my own package, which is there because svg-react-loader relies on a pinned version 2.2.1 of svg-react-loader.

I upgraded all the npm audit vulnerabilities, and added a package-lock.json. With that, it might be advisable to change the pinned package.json version numbers to patch-flexible (~) or minor-flexible (^). That way it would be a bit easier to remove my own vulnerabilities in the future, without having to open a pull request. 🙂 I left them how they are for now.

npm test passes green.

I also ran npm run karma, although I didn't see anything happen after webpack built, so not sure what to do with that.

Fabianopb commented 6 years ago

Maybe @jhamlet can give it a go after @benwiley4000 updates the PR?

benwiley4000 commented 6 years ago

Thanks for flagging @Fabianopb. I've pushed an update. @jhamlet do you think you might have time to review soon? 🙂

jhamlet commented 6 years ago

All.

Apologies for the delay. Been super swamped. I’ll take a look at this (and other outstanding requests) this weekend.

;-j

jhamlet commented 6 years ago

Merged and updated.

benwiley4000 commented 6 years ago

@jhamlet thank you!