Closed hong4rc closed 5 years ago
Update adm-zip. ^0.4 is insecure.
adm-zip
^0.4
^0.4 will install 0.4.13 anyway, so it this really a problem? Plus the vulnerability in old versions doesn't affect node-steam anyway, since it doesn't extract to disk.
Update
adm-zip
.^0.4
is insecure.