-
Notifications
You must be signed in to change notification settings - Fork 260
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rc dependency - out of date #493
Comments
There is an rc PR to update the version of minimist dominictarr/rc#114 but not sure how likely it is to get merged |
I did see that, but after no action on that lib for 3 years, I figured it would be faster to incorporate the code into your library and remove the dependency. It is quite surprising how far reaching the minimist vulnerability is... I have over 300 npm warnings in my project as a result. Thanks for the reply. |
This is fixed in @mapbox/node-pre-gyp@1.0.0 which no longer uses |
Cool Beans :) |
It appears that you have yet another security problem with a lib called rc. This library(rc) is out of date (refers to minimist which has had a security update), and does not appear to be maintained. recommend that you removed this (rc) dependency...
The text was updated successfully, but these errors were encountered: