-
-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix npm Vulnerabilities #216
base: main
Are you sure you want to change the base?
Conversation
This pull request is being automatically deployed with Vercel (learn more). 🔍 Inspect: https://vercel.com/sneakyhead/snuggsi/2xd1u9gjd |
@brandondees @JoshuaBehrens whoops on the re-review request. Was trying out some features. That said. Check this out. The "AHA" moment is happening! It's always been there as we know. but what's different about this year is the amount of confirming comments. Few years ago when we started the tone was "yeah right. INSTALL ALL THE THINGS". Now..... "Somebody help me". >>> https://css-tricks.com/npm-ruin-dev/ read the comments
Seems like "Boring by default" is that (old) new wave 😎 /cc @rianby64 @tmornini @cristhiandick @VicenteRD @btakita @foreverc9 @kurtcagle @janz93 ☝🏽 |
@snuggs looks like the fix on browsersync is to update its subdependencies more explicitly or do a re-install so that they get bumped up |
Fixes #215
browser-sync
&localtunnel
Notes
Would prefer to upgrade to `[email protected] but seems to be breaking changes and introduces 10 more manual vulnerability reviews.