Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix most npm vulnerabilities #1

Merged
merged 1 commit into from
Jun 17, 2021
Merged

Fix most npm vulnerabilities #1

merged 1 commit into from
Jun 17, 2021

Conversation

ccummings
Copy link
Contributor

There are a few npm warnings remaining but they rely on other packages to update like React:
facebook/create-react-app#11054

For now, I've switched the build to use Yarn which allows us to use resolutions to include the newer versions of these insecure packages.

The end result is that npm will still say there are fixes required, but the actual packages being used to build this package are the fixed versions.

Fix most npm vulnerabilities
6b0daab 
There are a few npm warnings remaining but they rely on other packages to update like React:
facebook/create-react-app#11054

For now, I've switched the build to use Yarn which allows us to use resolutions to include the newer versions of these insecure packages.

The end result is that npm will still say there are fixes required, but the actual packages being used to build this package are the fixed versions.
@leenyburger leenyburger merged commit 936996f into leenyburger:master Jun 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ccummings @leenyburger