Closed
Description
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
Low Regular Expression Denial of Service
Package braces
Patched in >=2.3.1
Dependency of karma [dev]
Path karma > expand-braces > braces
More info https://nodesecurity.io/advisories/786
Metadata
Metadata
Assignees
Labels
No labels
Activity
johnjbarton commentedon Feb 16, 2019
Please send a pull request if this is important to you.
http://karma-runner.github.io/3.0/dev/contributing.html
fix: remove vulnerable dependency expand-braces
fix: remove vulnerable dependency expand-braces (#3270)
mboughaba commentedon Feb 19, 2019
Thanks @SteinRobert, @johnjbarton
When do you think this fix can released in 4.x?
Cheers. Mo
hypery2k commentedon Feb 21, 2019
any plan to release 4.0.1 soon?