-
Notifications
You must be signed in to change notification settings - Fork 492
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace npm package "decompress" #1012
Comments
Related issue: kevva/decompress#71 |
I see there is an open PR for |
@hjvedvik it seems that the maintainer of the decompress package is not active currently. Based on the comments and other repos ( like gatsby gatsbyjs/gatsby#22014 (comment) ) it's a "no real issue" for gridsome. ( but please correct me, if I'm wrong ) Maybe we could update the readme and mark this as known issue? |
Fixed in release v4.2.1: https://github.com/kevva/decompress/releases But doesn't look like many packages in the dependent chain have been updated in a while. |
abra o cmd e rode npm install npm@latest -g ela pega a ultima versão |
Summary
Replace npm package
decompress
due to vulnerability documented here.Motivation
The text was updated successfully, but these errors were encountered: