Closed mririgoyen closed 3 years ago
The version of bl that is included in tar-stream (4.0.1) is affected by https://npmjs.com/advisories/1555. bl has released 4.0.3 which fixes this.
bl
tar-stream
An update of bl to the latest would be appreciated to resolve this security vulnerability.
Looks like a PR already exists for this request: https://github.com/mafintosh/tar-stream/pull/125
Hi, 4.0.3 is already covered by the package.json
The version of
bl
that is included intar-stream
(4.0.1) is affected by https://npmjs.com/advisories/1555.bl
has released 4.0.3 which fixes this.An update of
bl
to the latest would be appreciated to resolve this security vulnerability.