Closed Danp2 closed 2 years ago
I was looking at the existing DevDependencies section in package.json and noticed that they hadn't been updated in a while.
package.json
> npm outdated Package Current Wanted Latest Location Depended by @babel/core 7.12.10 7.17.8 7.17.8 node_modules/@babel/core AutoIt-VSCode @babel/preset-env 7.12.11 7.16.11 7.16.11 node_modules/@babel/preset-env AutoIt-VSCode @types/vscode 1.58.0 1.65.0 1.65.0 node_modules/@types/vscode AutoIt-VSCode babel-loader 8.2.2 8.2.3 8.2.3 node_modules/babel-loader AutoIt-VSCode eslint 5.16.0 5.16.0 8.11.0 node_modules/eslint AutoIt-VSCode eslint-config-airbnb-base 13.2.0 13.2.0 15.0.0 node_modules/eslint-config-airbnb-base AutoIt-VSCode eslint-config-prettier 6.15.0 6.15.0 8.5.0 node_modules/eslint-config-prettier AutoIt-VSCode eslint-plugin-import 2.23.4 2.25.4 2.25.4 node_modules/eslint-plugin-import AutoIt-VSCode eslint-plugin-prettier 3.4.0 3.4.1 4.0.0 node_modules/eslint-plugin-prettier AutoIt-VSCode prettier 1.19.1 1.19.1 2.6.0 node_modules/prettier AutoIt-VSCode typescript 3.5.3 3.9.10 4.6.2 node_modules/typescript AutoIt-VSCode webpack 5.44.0 5.70.0 5.70.0 node_modules/webpack AutoIt-VSCode > npm audit # npm audit report ansi-regex >2.1.1 <5.0.1 Severity: moderate Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw fix available via `npm audit fix --force` Will install eslint@8.11.0, which is a breaking change node_modules/ansi-regex node_modules/inquirer/node_modules/ansi-regex node_modules/table/node_modules/ansi-regex strip-ansi 4.0.0 - 5.2.0 Depends on vulnerable versions of ansi-regex node_modules/inquirer/node_modules/strip-ansi node_modules/strip-ansi node_modules/table/node_modules/strip-ansi eslint 4.5.0 - 7.15.0 Depends on vulnerable versions of inquirer Depends on vulnerable versions of strip-ansi Depends on vulnerable versions of table node_modules/eslint eslint-config-airbnb-base 12.0.0 - 14.1.0 Depends on vulnerable versions of eslint node_modules/eslint-config-airbnb-base inquirer 3.2.0 - 7.0.4 Depends on vulnerable versions of string-width Depends on vulnerable versions of strip-ansi node_modules/inquirer string-width 2.1.0 - 4.1.0 Depends on vulnerable versions of strip-ansi node_modules/string-width node_modules/table/node_modules/string-width table 4.0.2 - 5.4.6 Depends on vulnerable versions of string-width node_modules/table 7 moderate severity vulnerabilities To address all issues (including breaking changes), run: npm audit fix --force
Good point, I'll start a branch for that
I was looking at the existing DevDependencies section in
package.json
and noticed that they hadn't been updated in a while.