Update packages, hopefully fixing the github indicated vulnerabilities.

mozilla / action-input

INACTIVE - http://mzl.la/ghe-archive - A framework-agnostic input library that progressively handles flat, portal, and immersive web apps.

Mozilla Public License 2.0

9 stars 3 forks source link

Update packages, hopefully fixing the github indicated vulnerabilities. #15

Closed TrevorFSmith closed 6 years ago

TrevorFSmith commented 6 years ago

I just ran npm update to see if that clears up the dependency vulnerabilities indicated by GitHub, all of which were pretty deep in the dependency hierarchy.

fernandojsg commented 6 years ago

These messages with vulnerabilites are the new inbox 0, omg :D, thanks for looking at this

fernandojsg commented 6 years ago

It seems there're still two packages with conflicts. Do you know if there's a simple way to keep track of the dependencies within the dependencies? Because it doesn't seem to be one "first" level dependency but a second level one, so hard to keep track there