search

jsdoc2md / dmd

The default output template for jsdoc2md
MIT License
39 stars 49 forks source link

Address npm-audit warning about handlebars #68

Closed Krinkle closed 5 years ago

Krinkle commented 5 years ago 
                       === npm audit security report ===                        

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ handlebars                                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ jsdoc-to-markdown [dev]                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ jsdoc-to-markdown > dmd > handlebars                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/755                       │
└───────────────┴──────────────────────────────────────────────────────────────┘

From https://nodesecurity.io/advisories/755:

Remediation

Upgrade to version 4.0.13 or later.

Krinkle commented 5 years ago

Nevermind, the range already allows this. Just had to update my lock file. Sorry :)