This repository has been archived by the owner on Feb 19, 2022. It is now read-only.
Update dependancies to fix tar security vulnerability #49
Assignees
Comments
|
@synap5e this fix may wait a while. You can dismiss the vulnerability alert and mark it as can't currently fix iirc. I've had to do that on a lot of repos until the node ecosystem organises itself. |
|
👍 dismissed - I'll leave the issue up as a reminder though |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
tar before 4.4.2 has a file overwrite issue, so I get this lovely alert whenever I go to github
I believe we are currently waiting on nodejs/node-gyp#1714 as this has a dependency on the old tar
The text was updated successfully, but these errors were encountered: