Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PLEASE READ for NPM "vulnerability" fix #36

Open
jonschlinkert opened this issue Jul 12, 2019 · 1 comment
Open

PLEASE READ for NPM "vulnerability" fix #36

jonschlinkert opened this issue Jul 12, 2019 · 1 comment

Comments

@jonschlinkert
Copy link
Member

jonschlinkert commented Jul 12, 2019
edited

Please don't create issues about vulnerabilities, or pull-requests, related to mixin-deep. The library was patched, and we don't need to do any additional work here. You will automatically get the patched version by deleting node_modules and reinstalling.

However, NPM is erroneously reporting the vulnerability still. You can see that NPM is incorrect by running Snyk.

Please read this for more information on fixing the issue.
@jonschlinkert jonschlinkert pinned this issue Jul 12, 2019
@base base locked as resolved and limited conversation to collaborators Jul 12, 2019
@doowb
Copy link
Member

doowb commented Jul 12, 2019

FYI... I ran Snyk on a project with webpack where npm audit was reporting the vulnerabilities, but when running the following Snyk command I get 0 vulnerabilities:

$ snyk test --dev

image

@jonschlinkert jonschlinkert changed the title Fix: Delete node_modules, reinstall PLEASE READ for NPM "vulnerability" fix Jul 12, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jonschlinkert @doowb