Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#376 - Fix security vulnerability in glob-parent #377

Closed

Conversation

pgillislb
Copy link

What is the purpose of this pull request?

Update the version of glob-parent to resolve security vulnerability

What changes did you make? (Give an overview)

There are no functional changes here, just a dependency update

Peter Gillis added 2 commits January 5, 2023 15:37
Change version of glob-parent to 6.0.2 for a security vulnerability

Closes mrmlnc#376
@alexgleason
Copy link

@mrmlnc Plz merge this, copy-webpack-plugin depends on it so multiple steps are needed to get this out of our vulnerability reports.

image

@nutkur
Copy link

nutkur commented Jan 12, 2023

Thank you @alexgleason and @pgillislb for this PR. @mrmlnc can we get this merged sooner? The vulnerability reports are blocking our release

@johndiiorio
Copy link

@pgillislb @alexgleason @nutkur [email protected] is not vulnerable, see #368. This should not be merged.

@alexgleason
Copy link

@johndiiorio Thank you. That was enlightening!

@mrmlnc
Copy link
Owner

mrmlnc commented Jan 13, 2023

@johndiiorio Thank you!

I do not plan to merge this PR, as it is not a real vulnerability, but a problem in yet another security scanner.

This dependency will be updated in the next major version of the package (#371).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants