Bump nightmare version to fix security warnings as per npm audit

meteor / todos

The example app "Todos", written following the Meteor Guide

Other

535 stars 366 forks source link

Bump nightmare version to fix security warnings as per npm audit #266

Closed html5cat closed 6 years ago

html5cat commented 6 years ago

Before:

found 47 vulnerabilities (25 low, 17 moderate, 4 high, 1 critical) in 2013 scanned packages
  run `npm audit fix` to fix 32 of them.
  15 vulnerabilities require semver-major dependency updates.

After:

found 6 low severity vulnerabilities in 2010 scanned packages
  run `npm audit fix` to fix 2 of them.
  3 vulnerabilities require semver-major dependency updates.
  1 vulnerability requires manual review. See the full report for details.

apollo-cla commented 6 years ago

@html5cat: Thank you for submitting a pull request! Before we can merge it, you'll need to sign the Meteor Contributor Agreement here: https://contribute.meteor.com/

html5cat commented 6 years ago

3 more can be fixed by bumping eslint from ^3.5.0 to ^4.19.1 but it would be nice to have @benjamn take a look first ☺️

benjamn commented 6 years ago

Thanks @html5cat! 👋