-
-
Notifications
You must be signed in to change notification settings - Fork 3k
Commit 140d5c4
committed
dependencies: upgrade npm 6.13.1 -> 6.13.4
This fixes some security vulnerabilites, among them an arbitrary file overwrite.
The output of `npm audit` goes from this:
found 17 vulnerabilities (15 low, 2 high) in 13344 scanned packages
run `npm audit fix` to fix 6 of them.
1 vulnerability requires semver-major dependency updates.
10 vulnerabilities require manual review. See the full report for details.
To this:
found 5 vulnerabilities (3 low, 2 high) in 13370 scanned packages
1 vulnerability requires semver-major dependency updates.
4 vulnerabilities require manual review. See the full report for details.
Changelog:
- https://github.com/npm/cli/releases
6.13.4 (2019-12-11)
BUGFIXES
320ac9aee npm/bin-links#12 npm/gentle-fs#7 Do not remove global bin/man links inappropriately (@isaacs)
DEPENDENCIES
52fd21061 [email protected] (@isaacs)
d06f5c0b0 [email protected] (@isaacs)
6.13.3 (2019-12-09)
DEPENDENCIES
19ce061a2 [email protected] Properly normalize, sanitize, and verify bin entries in package.json.
59c836aae [email protected]
fb4ecd7d2 [email protected]
5f33040 #476 npm/pacote#22 npm/pacote#14 fix: Do not drop perms in git when not root (isaacs, @darcyclarke)
6f229f7 sanitize and normalize package bin field (isaacs)
1743cb339 [email protected]
6.13.2 (2019-12-03)
BUG FIXES
4429645b3 #546 fix docs target typo (@richardlau)
867642942 #142 fix(packageRelativePath): fix 'where' for file deps (@larsgw)
d480f2c17 #527 Revert "windows: Add preliminary WSL support for npm and npx" (@craigloewen-msft)
e4b97962e #504 remove unnecessary package.json read when reading shrinkwrap (@Lighting-Jack)
1c65d26ac #501 fix(fund): open url for string shorthand (@ruyadorno)
ae7afe565 #263 Don't log error message if git tagging is disabled (@woppa684)
4c1b16f6a #182 Warn the user that it is uninstalling npm-install (@Hoidberg)1 parent b6105d8 commit 140d5c4Copy full SHA for 140d5c4
File tree
Expand file treeCollapse file tree
2 files changed
+506
-917
lines changedFilter options
- src
Expand file treeCollapse file tree
2 files changed
+506
-917
lines changed
0 commit comments