search

newrelic / nr1-network-telemetry

NR1 Network Telemetry gives you real time IPfix and Sflow visualization of network data passing through your system.
https://discuss.newrelic.com/t/network-telemetry-nerdpack/90561
Apache License 2.0
12 stars 11 forks source link

chore: update devDependencies to address minimist vulnerability #35

Closed jbeveland27 closed 4 years ago

jbeveland27 commented 4 years ago

Description

There's currently an open security alert for minimist. This is only an issue for dev environments, so it's not ultra urgent.

To address this, we need to update multiple devDependencies. At the least:

Then check for deps than can be automatically updated:

npm audit # review what's out of date
npm audit fix

Finally, run:

rm -rf node_modules
npm install

An alternative solution: consider reducing the number of devDeps to align with the open source template.

Verifying Update

npm ls minimist # verify all versions >=1.2.2

Related: https://github.com/newrelic/nr1-network-telemetry/pull/34#pullrequestreview-384000895