sindresorhus
commented
5 years ago This has been fixed in master. We'll do a new release when https://github.com/yeoman/update-notifier/issues/153 has been fixed and the open PRs have been merged.
Closed NessDan closed 5 years ago
sindresorhus
commented
5 years ago This has been fixed in master. We'll do a new release when https://github.com/yeoman/update-notifier/issues/153 has been fixed and the open PRs have been merged.
There's a vulnerability with the package
deep-extend, which is a sub-child of thelatest-versionpackage. The vulnerability exists on v3.0.0 (whatupdate-masteris currently using) but is fixed in v3.1.0 (this PR.)Upgrading it by a minor version fixes the issue.