Skip to content

4.0.0
Compare
Choose a tag to compare
@jakesjews jakesjews released this 09 Feb 22:19
· 21 commits to master since this release
4.0.0
5bc3bba
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
  • Run processes through execa
    • This prevents command injection which was possible with the old method of using process.exec. Thanks to Fábio Freitas (@0xfabiof) from the CxSCA AppSec team at Checkmarx for discovering a vulnerability with the library!
    • The new way of running processes is fairly different so there is a risk of breaking changes.
Assets 2
Loading