Closed AaronMoat closed 4 months ago
thanks for the merge, however I still see the issue still open, how should we resolve it?
@thanhnhan2tn do you mean the flagged security vulnerability in Snyk/Blackduck/et al? You'll need to talk to your security vendor and have them fix it on their end, as maintainers of OSS software cannot do that for you
Loved this comment @jonschlinkert : https://github.com/micromatch/braces/pull/37#issuecomment-2121649614
I have a bias for explicit configuration closer to the process - rather than an env var. Are we happy with simply lowering it?