Closed Ilshidur closed 6 years ago
Is it possible to merge the branch listr
? As it contains the fix for this issue, it would be nice to publish it to npm if this is production ready :+1:
Otherwise, I can open a PR with an update of package.json
:-)
This is now also causing a deprecation warning for gulp-util
, which the older download
still used.
Unfortunately, it looks like the API has been changed in this branch, and is incompatible with the libraries I tried. They would have to be updated, too.
PR for this is in https://github.com/kevva/bin-wrapper/pull/65
Some dependencies of the version 3.0.2 are vulnerable. It would be nice to update them.
Or at least (in package.json) :
"download": "^4.0.0"
to"download": "^5.0.1"
because 4.4.3 is vulnerable and 5.0.1 fixed it.The better would be to update
"download": "^4.0.0"
to"download": "^6.2.5"
(the latest version released).I can open a PR in case you don't have the time.
EDIT : Seems to be fixed here.