Following a recent incident we are attempting to update all projects using node to node 8 and ensure all libraries have a package-lock.json. Whilst this will only affect developers of the library itself, it does add some small mitigations for thesee types of incidents.
What you need to do now?
As long as this is just a library, there's nothing really to test, just merge this PR and be thankful for the additional safety.
Security Update: Add package-lock.json
Following a recent incident we are attempting to update all projects using node to node 8 and ensure all libraries have a package-lock.json. Whilst this will only affect developers of the library itself, it does add some small mitigations for thesee types of incidents.
What you need to do now?
As long as this is just a library, there's nothing really to test, just merge this PR and be thankful for the additional safety.