Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade dependencies #185

Merged
merged 1 commit into from
Jun 8, 2021

Conversation

resynthesize
Copy link
Contributor

trim-newlines 4.0.0 has a high severity CVE vulnerability noted here: https://www.npmjs.com/advisories/1753 - this PR updates to the version mentioned in the CVE.

@sindresorhus
Copy link
Owner

To be clear, it doesn't affect meow at all.

@sindresorhus sindresorhus changed the title Upgrade trim-newlines to 4.0.1 Upgrade dependencies Jun 8, 2021
@sindresorhus sindresorhus merged commit a0daf20 into sindresorhus:main Jun 8, 2021
@pitgrap
Copy link

pitgrap commented Jun 8, 2021

Afaik "^" with semver already covered this update and I don't see any lock file in this repository. But anyways thanks you for the update and release!

@voxpelli
Copy link
Contributor

voxpelli commented Jun 9, 2021

@pitgrap This way users of meow will get the subdependency update for free when they update meow, else they need to do a lock-file update as well

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants