#49547 closed defect (bug) (fixed)
Update/Audit npm Dependencies for 5.4
Reported by: | garrett-eclipse | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 5.4 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Build/Test Tools | Keywords: | needs-patch |
Focuses: | Cc: |
Description
In 5.3 the security team did an audit/update to the NPM dependencies. This was done in #48203 by @whyisjake and @jorbin.
If it's not too late for 5.4 we should try to get in the habit for major releases to run through these and address as much as we can.
As of writing these running an npm install
on trunk gives a warning for 16 vulnerabilities (1 low, 6 moderate, 9 high).
Attachments (2)
Change History (6)
#4
@
5 years ago
Adding an upstream PR here: https://github.com/gruntjs/grunt-contrib-imagemin/pull/392.
There are a few issues we can fix and sneak into 5.4.
Note: See
TracTickets for help on using
tickets.
Result of running
npm audit