-
Notifications
You must be signed in to change notification settings - Fork 197
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade update-notifier version for fixing CVE-2022-33987 #704
Comments
I love how this upgrade to |
Hi @bcoe , I disagree with the completion of this issue. Could we re-open the issue until we got a new version published in NPM? |
@holblin
However it seems to have some issues:
|
@holblin I believe the issue I was running into was a stale |
It works 👍 |
Hi,
I have multiple packages that use gts. Due to a CVE,
gts
is impacted in his last version:Updating
update-notifier
to the latest version and releasing a new version ofgts
, will solve the issue.Indeed, currently, this is the chain of versions from gts:
update-notifier (^5.0.0) > latest-version (^5.1.0) > package-json (^6.3.0) > got (^9.6.0)
And this will be the new chain of versions after the change:
update-notifier (6.0.2) > latest-version (^7.0.0) > package-json (^8.1.0) > got (^12.1.0)
The text was updated successfully, but these errors were encountered: