Closed bajtos closed 6 years ago
Please note that the latest versions of jscs & jshint are depending on a lodash version that's vulnerable to Prototype Pollution. Since these are dev-dependencies, I think we don't need to worry.
If we wanted to fix the problem, we would have to migrate from jshint+jscs to eslint+eslint-config-loopback.
This fix is needed to make
npm test
in loopback-workspace pass again. Right now, applications scaffolded for LB 2.x are failing theirnpm test
because of security vulnerabilities reported bynsp check
.