Mozilla Monitor arms you with tools to keep your personal information safe. Find out what hackers already know about you and learn how to stay a step ahead of them.
Not sure if we want to use Renovate or Greenkeeper or something similar to keep the dependencies up to date.
I rm -rfed my ./node_modules/ and package-lock.json file and reinstalled everything from scratch and it seems that resolved the merge vuln module that was breaking CI recently. But, it seems like we have a few other stale modules:
$ npm outdated
Package
Current
Wanted
Latest
Location
x.y.z
dev?
babel-minify
0.4.3
0.4.3
0.5.0
blurts-server
minor
dev
dotenv
5.0.1
5.0.1
6.1.0
blurts-server
major
prod
eslint
4.19.1
4.19.1
5.8.0
blurts-server
major
dev
eslint-plugin-node
6.0.1
6.0.1
8.0.0
blurts-server
major
dev
fluent
0.8.1
0.8.1
0.9.1
blurts-server
minor
prod
got
8.3.2
8.3.2
9.3.1
blurts-server
major
prod
htmllint-cli
0.0.6
0.0.6
0.0.7
blurts-server
patch
dev
jsdom
11.12.0
11.12.0
13.0.0
blurts-server
major
prod
knex
0.14.6
0.14.6
0.15.2
blurts-server
minor
prod
onchange
4.1.0
4.1.0
5.1.0
blurts-server
major
dev
$ npm run lint:audit
> blurts-server@0.0.1 lint:audit /Users/pdehaan/dev/github/mozilla/blurts-server
> npm audit
=== npm audit security report ===
found 0 vulnerabilities
in 30273 scanned packages
Not sure if we want to use Renovate or Greenkeeper or something similar to keep the dependencies up to date.
I
rm -rf
ed my ./node_modules/ and package-lock.json file and reinstalled everything from scratch and it seems that resolved the merge vuln module that was breaking CI recently. But, it seems like we have a few other stale modules: