npm audio security report, sync-exec, dependency of grunt-shell-spawn

[jeking3]

This can be resolved by following the instructions at https://www.npmjs.com/advisories/310

root@efc557466b90:/thrift/src/lib/js# npm audit

                       === npm audit security report ===


                                 Manual Review
             Some vulnerabilities require your attention to resolve

          Visit https://go.npm.me/audit-guide for additional guidance


  Moderate        Tmp files readable by other users

  Package         sync-exec

  Patched in      No patch available

  Dependency of   grunt-shell-spawn [dev]

  Path            grunt-shell-spawn > sync-exec

  More info       https://nodesecurity.io/advisories/310

found 1 moderate severity vulnerability in 2788 scanned packages
  1 vulnerability requires manual review. See the full report for details.

[mgs255]

I pushed 0.3.12 which should fix this.

[mgs255]

@jeking3 Created the release. I completely neglected to do this for the previous versions I pushed to NPM. Thanks for the heads up!

[jeking3]

No problem - npm doesn't seem to care but I think it would be smarter if they only worked on tags. However that's their call.