search

mmacneil / devfolio

A simple, responsive, single-page portfolio and resume for developers built with Bulma, Sass, Font Awesome and Flickity.
MIT License
505 stars 132 forks source link

Dependencies have severe vulnerabilities #7

Closed PaulMcInnis closed 4 years ago

PaulMcInnis commented 4 years ago

Dependabot and npm warn of these, but in particular these cannot be automatically updated by it: Upgrade dot-prop to version 4.2.1 or later. Upgrade serialize-javascript to version 3.1.0 or later.

Thanks for the template!

mmacneil commented 4 years ago

Thanks, @PaulMcInnis - just updated, and vulnerability warnings have vanished - for now :)