Getting security vulnerability detected in mem < 4.0.0 from github

sezna / nps

NPM Package Scripts -- All the benefits of npm scripts without the cost of a bloated package.json and limits of json

MIT License

1.43k stars 93 forks source link

Closed VivekFitkariwala closed 4 years ago

VivekFitkariwala commented 4 years ago

Getting security vulnerability detected in mem < 4.0.0 when using nps.

Solution: Upgrading yargs to latest version which don't use os-locale which has dependency on mem

VivekFitkariwala commented 4 years ago

I have added a pull request upgrading yargs and fixing test cases accordingly https://github.com/sezna/nps/pull/210

sezna commented 4 years ago

Thank you for this!