Skip to content
This repository has been archived by the owner on Aug 4, 2021. It is now read-only.

fix: update rollup-pluginutils to fix npm audit #29

Merged
merged 1 commit into from
Mar 18, 2019

Conversation

nolanlawson
Copy link
Contributor

This updates rollup-pluginutils to fix an npm audit warning.

Warning:

                       === npm audit security report ===

# Run  npm install [email protected]  to resolve 1 vulnerability
# ┌───────────────┬──────────────────────────────────────────────────────────────┐
# │ Low           │ Regular Expression Denial of Service                         │
# ├───────────────┼──────────────────────────────────────────────────────────────┤
# │ Package       │ braces                                                       │
# ├───────────────┼──────────────────────────────────────────────────────────────┤
# │ Dependency of │ rollup-pluginutils                                           │
# ├───────────────┼──────────────────────────────────────────────────────────────┤
# │ Path          │ rollup-pluginutils > micromatch > braces                     │
# ├───────────────┼──────────────────────────────────────────────────────────────┤
# │ More info     │ https://npmjs.com/advisories/786                             │
# └───────────────┴──────────────────────────────────────────────────────────────┘
#
#
# # Run  npm update rollup-pluginutils --depth 2  to resolve 1 vulnerability
# ┌───────────────┬──────────────────────────────────────────────────────────────┐
# │ Low           │ Regular Expression Denial of Service                         │
# ├───────────────┼──────────────────────────────────────────────────────────────┤
# │ Package       │ braces                                                       │
# ├───────────────┼──────────────────────────────────────────────────────────────┤
# │ Dependency of │ rollup-plugin-buble                                          │
# ├───────────────┼──────────────────────────────────────────────────────────────┤
# │ Path          │ rollup-plugin-buble > rollup-pluginutils > micromatch >      │
# │               │ braces                                                       │
# ├───────────────┼──────────────────────────────────────────────────────────────┤
# │ More info     │ https://npmjs.com/advisories/786                             │
# └───────────────┴──────────────────────────────────────────────────────────────┘
#
#
# found 2 low severity vulnerabilities in 1590 scanned packages
#   run `npm audit fix` to fix 2 of them.
#   r

@lukastaegert lukastaegert merged commit de24cb5 into rollup:master Mar 18, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants