search

rroylance / phaser-ce-npm-webpack-typescript-starter-project

Project to get you started with your Phaser-CE (using the npm module) game using Typescript and Webpack for building! No hassle asset management, Google Web Font loader, live server, development vs distribution build pipeline, Electron packaging for desktop builds, and more...
https://rroylance.github.io/phaser-npm-webpack-typescript-starter-project/
The Unlicense
423 stars 73 forks source link

Security risk for webpack-dev-server #68

Closed jdeblander closed 5 years ago

jdeblander commented 5 years ago

Describe the bug When using npm audit, this results in 1 high severity vulnerability for webpack-dev-server v3.1.10.

To Reproduce Steps to reproduce the behavior:

  1. run npm audit
  2. See audit report

Expected behavior No vulnerabilities 😄

Report

                       === npm audit security report ===

# Run  npm install webpack-dev-server@3.1.14  to resolve 1 vulnerability

  High            Missing Origin Validation

  Package         webpack-dev-server

  Dependency of   webpack-dev-server

  Path            webpack-dev-server

  More info       https://nodesecurity.io/advisories/725

Additional context Updating webpack-dev-server to 3.1.14 should fix this.

I've made a pull request #69.

rroylance commented 5 years ago

Thank you very much @jdeblander!