Closed mwakerman closed 6 years ago
If you want to fix ci test, follow me:
I know that removing ssl in this case isn't the best solution however for older versions of the node you can use proxy but that solution fix the ci test.
I believe that next release that repo can remove the Node < 4 support, but that fix is most important than next release.
@gustavobeavis done (I think)
@mwakerman Thanks, I'll make a release soon.
Merged to dev
branch, closing this.
Vulnerability alert still pops up with 0.5.1
Vulnerability alert still pops up with 0.5.1 @Pablodotnet
is this an erroneous alert or is the package still vulnerable?
I don't think so, at least I don't have any proofs that it happens. There is a test for that: https://github.com/unclechu/node-deep-extend/blob/f3f2b4f30fffe8abc9a99a7d6469fb354ca206e9/test/index.spec.js#L260-L266
See https://hackerone.com/reports/311333.
Resolves #39