Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fixed project's vulnerabilities and updated outdated packages #8

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

fixed project's vulnerabilities and updated outdated packages #8

wants to merge 3 commits into from

Conversation

StefanNieuwenhuis
Copy link

A number of packages relied on older versions of lodash and mixin-deep, which resulted in 279 vulnerabilities. Ran npm audit fix to solve this.

Updated the following outdated packages:

  • eslint-loader
  • @babel/core
  • eslint-plugin-import
  • webpack-dev-server
  • @babel/preset-env
  • @babel/register
  • webpack-cli
  • webpack

sanjaypradeep
sanjaypradeep reviewed Dec 19, 2019
View reviewed changes
package.json
"@babel/core": "^7.4.3",
"@babel/preset-env": "^7.4.3",
"@babel/register": "^7.4.0",
"@babel/core": "^7.7.4",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes might help developers around the globe, installing latest packages.

sanjaypradeep
sanjaypradeep reviewed Dec 19, 2019
View reviewed changes
package-lock.json Outdated
"@babel/traverse": "^7.4.5",
"@babel/types": "^7.4.4",
"convert-source-map": "^1.1.0",
"version": "7.7.4",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this files isn't needed to be pushed inside the repository. Please remove it.

sanjaypradeep
sanjaypradeep suggested changes Dec 19, 2019
View reviewed changes
Copy link

@sanjaypradeep sanjaypradeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please remove package-lock.json from this PR.

Stefan Nieuwenhuis added 2 commits December 19, 2019 12:48
sanjaypradeep
sanjaypradeep suggested changes Dec 19, 2019
View reviewed changes
Copy link

@sanjaypradeep sanjaypradeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good to go!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sanjaypradeep sanjaypradeep sanjaypradeep approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@StefanNieuwenhuis @sanjaypradeep