Installing amdi18n-loader NPM Package Shows Critical Vulnerability #31

umar-khan · 2019-06-11T21:14:53Z

Overview:
amdi18n-loader currently uses an outdated 'mocha' dependency which has a critical vulnerability in one of it's dependencies growl and a low level vulnerability in debug.

Details:
This package has a dev dependency for the following package.
"mocha": "^3.2.0"

This version of mocha uses an outdated version of the following packages:
"growl": "1.9.2"
"debug": "2.6.8"

Npm vulnerability advisory:
https://www.npmjs.com/advisories/146
https://npmjs.com/advisories/534

The text was updated successfully, but these errors were encountered:

Closes: #31 - Update mocha version to ^6.0.0

umar-khan mentioned this issue Jun 12, 2019

Closes: #31 - Update mocha version to ^6.0.0 #32

Merged

TooBug closed this as completed in #32 Jun 12, 2019

TooBug added a commit that referenced this issue Jun 12, 2019

Merge pull request #32 from umar-khan/update-mocha-version

a6bcb43

Closes: #31 - Update mocha version to ^6.0.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Installing amdi18n-loader NPM Package Shows Critical Vulnerability #31

Installing amdi18n-loader NPM Package Shows Critical Vulnerability #31

umar-khan commented Jun 11, 2019

Installing amdi18n-loader NPM Package Shows Critical Vulnerability #31

Installing amdi18n-loader NPM Package Shows Critical Vulnerability #31

Comments

umar-khan commented Jun 11, 2019