Skip to content

Commit

Permalink
Bump packages on vulnerability paths (#138)
Browse files Browse the repository at this point in the history 
The braces package has this vulnerability:

https://nodesecurity.io/advisories/786

It's fixed as of version 2.3.1.

This updates all copies of the micromatch
dependency in the tree to bring in a version of
braces with the fix.
  • Loading branch information
@tombye @jackfranklin
tombye authored and jackfranklin committed May 30, 2019
1 parent 174cd3b commit 595ab83
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,10 +40,10 @@
"dependencies": {
"array-unique": "^0.2.1",
"fancy-log": "^1.2.0",
"findup-sync": "^0.4.0",
"findup-sync": "^3.0.0",
"gulplog": "^1.0.0",
"has-gulplog": "^0.1.0",
"micromatch": "^2.3.8",
"micromatch": "^3.1.10",
"resolve": "^1.1.7"
},
"devDependencies": {
Expand Down

0 comments on commit 595ab83

Please sign in to comment.