de-dan
commented
3 years ago Created Pull Request: https://github.com/nathansmith/unsemantic/pull/105
Please review
Closed de-dan closed 3 years ago
de-dan
commented
3 years ago Created Pull Request: https://github.com/nathansmith/unsemantic/pull/105
Please review
nathansmith
commented
3 years ago cc: @de-dan
Reviewing now. Sorry for the delay.
Hey there, the title says it all. Please update the dependencies and release a new version on npm.
Below is the npm audit report.
Thank you in advance!
npm audit report
node-fetch <=2.6.0 || 3.0.0-beta.1 - 3.0.0-beta.8 Denial of Service - https://npmjs.com/advisories/1556 fix available via
npm audit fix --forceWill install unsemantic@1.1.3, which is a breaking change node_modules/node-fetch isomorphic-fetch 2.0.0 - 2.2.1 Depends on vulnerable versions of node-fetch node_modules/isomorphic-fetch fbjs 0.7.0 - 1.0.0 Depends on vulnerable versions of isomorphic-fetch node_modules/fbjs react 15.0.0-rc.1 - 16.4.2 Depends on vulnerable versions of fbjs node_modules/react unsemantic >=1.2.0 Depends on vulnerable versions of react node_modules/unsemantic5 low severity vulnerabilities