Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Node Security Issue with lodash: 577 - Prototype Pollution #312

Open
johncblandii opened this issue May 14, 2018 · 8 comments · May be fixed by #343
Open

Node Security Issue with lodash: 577 - Prototype Pollution #312

johncblandii opened this issue May 14, 2018 · 8 comments · May be fixed by #343

Comments

@johncblandii
Copy link

screen shot 2018-05-14 at 6 04 49 pm

We need a lodash update. It'd be a good time to release to resolve #301 as well.
@AukeTembrink
Copy link

I can approve this. +1

@Berkmann18
Copy link

It still seems to be a problem on 1.12.0 according to Snyk (https://app.snyk.io/test/npm/vorpal/1.12.0).

@Berkmann18 Berkmann18 linked a pull request Jun 5, 2019 that will close this issue
Open
@johncblandii
Copy link
Author

I'm pretty sure this project is dead, @Berkmann18.

@Berkmann18
Copy link

@johncblandii I hope not. @dthree ?

@tsujp
Copy link

tsujp commented Oct 9, 2019

Why has this not been merged, rather unacceptable that a high security vulnerability has been here for over a year

@slinkardbrandon
Copy link

slinkardbrandon commented Oct 9, 2019
edited
Loading

@tsujp Because the project is dead and the old vorpal admins haven’t put anyone else in charge.

@tsujp
Copy link

tsujp commented Oct 9, 2019

@slinkardbrandon I guess either https://github.com/vorpaljs-reforged/vorpal or https://github.com/oclif/oclif is the play now.

@davidnussio
Copy link

I'm starting using this fork: npm i @moleculer/vorpal

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix security vulnerabilities Berkmann18/vorpal
6 participants
@johncblandii @davidnussio @tsujp @Berkmann18 @slinkardbrandon @AukeTembrink