Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade kind-of to reduce security risk #360

Open
whaber opened this issue Jul 20, 2020 · 1 comment
Open

Upgrade kind-of to reduce security risk #360

whaber opened this issue Jul 20, 2020 · 1 comment
Labels
security security stuffs

Comments

@whaber
Copy link
Contributor

whaber commented Jul 20, 2020

Upgrade kind-of dependency as the current versions in use (3.2.2, 4.0.0) have security vulnerabilities (Improper Input Validation in utils-extend, Type checking vulnerability in kind-of, etc)

https://www.npmjs.com/package/kind-of - the latest version is 6.0.3

@veeara282 veeara282 added the security security stuffs label Jul 23, 2020
@colbymorrison
Copy link
Contributor

From what I can see, the vulnerable versions of kind-of are only used by our dev-dependencies, not our direct dependencies. So, this is not a critical issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security security stuffs
Projects
None yet
Development

No branches or pull requests

3 participants