Update to Globule 1.2.0

shama / gaze

:crystal_ball: A globbing fs.watch wrapper built from the best parts of other fine watch libs.

MIT License

1.16k stars 167 forks source link

Update to Globule 1.2.0 #244

Closed IridescentShadow closed 6 years ago

IridescentShadow commented 7 years ago

Globule has released version 1.2.0 which updates the required version of minimatch to 3.0.2. This version patches the regular expression denial of service issue described in https://nodesecurity.io/advisories/118.

Gaze should be updated to require the new version of globule.

shama commented 6 years ago

Since globule is tagged with ^1.0.0 it will install the latest minor version of globule, including 1.2.0.

If you want to force the update, you can do npm cache clean && npm install to get the latest dependencies.