Skip to content

0.13.1 - Hotfix
Compare
Choose a tag to compare
@mashpie mashpie released this 20 Aug 15:43
· 99 commits to master since this release
0.13.1
0c20329

Fixed

  • npx npm-force-resolutions failed #445

Details

A preinstall script was added to force resolving specific versions of lodash and ajv. Those are sub-dependencies of zombie and its packages. Zombie is devDependency of i18n. But zombie still refers to older versions reported to vulnerable - so I decided to force fixed versions.

Of course that preinstall should count on any npm install i18n, it's renamed to force-resolutions so I can still resolve audit issues in dev while also supporting clean installs.

"scripts": {
  "preinstall": "npx npm-force-resolutions"
}

now reads as

"scripts": {
  "force-resolutions": "npx npm-force-resolutions"
}

And doesn't get triggered by npm install.

Assets 2
Loading