search

mmanela / chutzpah

Chutzpah is an open source JavaScript test runner which enables you to run unit tests using QUnit, Jasmine, Mocha and TypeScript.
http://mmanela.github.io/chutzpah/
Apache License 2.0
550 stars 142 forks source link

Upgrade minimist and acorn dependency to patch vulnerability #782

Closed plade closed 4 years ago

plade commented 4 years ago

Upgrade package-lock to fix minimist and acorn high severity vulnerability Sources for minimist:

  1. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598
  2. https://snyk.io/vuln/SNYK-JS-MINIMIST-559764

Sources for acorn:

  1. https://www.npmjs.com/advisories/1488
  2. https://snyk.io/vuln/SNYK-JS-ACORN-559469