Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update nodemon to remove malware #2864

Merged
merged 1 commit into from
Dec 2, 2018
Merged

Update nodemon to remove malware #2864

merged 1 commit into from
Dec 2, 2018

Conversation

jaredtbates
Copy link
Contributor

Our corporate antivirus caught this- nodemon plus multiple downstream dependencies are updating due to a vulnerability in the dependency "event-stream". More info can be found here: dominictarr/event-stream#116 and https://blog.npmjs.org/post/180565383195/details-about-the-event-stream-incident.

@CLAassistant
Copy link

CLAassistant commented Nov 30, 2018
edited
Loading

CLA assistant check
All committers have signed the CLA.

@brian-mann
Copy link
Member

With the ^ already set, that means that patches would automatically be installed without needing to explicitly set the version in package.json, which makes this unnecessary, but I will still merge this regardless.

@brian-mann brian-mann added this to the Sprint 13 milestone Dec 2, 2018
@brian-mann brian-mann merged commit 742e0d3 into cypress-io:develop Dec 2, 2018
@brian-mann
Copy link
Member

Released in 3.1.3.

@noahblon noahblon mentioned this pull request Nov 27, 2023
Open
@ajesse11x ajesse11x mentioned this pull request Nov 28, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Sprint 13
Development

Successfully merging this pull request may close these issues.
3 participants
@jaredtbates @CLAassistant @brian-mann