Can this package used alternative of npm-run-all ?
anil-ghub opened this issue · 3 comments
Hi,
My angular project had a reference of npm-run-all but one of the dependency packages: shell-quote@1.6.1 is identified as a vulnerability risk in a security scan to fix this i need to version bump shell-quote to >1.7.3 but npm-run-all doesn't have latest version which had shell-quote@1.7.3
I found npm-run-all2 which had recommended version of shell-quote@1.7.3 with a vulnerability fix. Can anyone confirm whether npm-run-all2 is an alternative to npm-run-all because there was no active contribution from the past 4 years.
npm-run-all2 is my fork of the npm-run-all project. I aim to keep the dependency tree up to date and land bug fixes that were aimed at upstream but never landed. I use it in many projects and am committed to it for the foreseeable future. The last release was 22 days ago.
It's a drop in replacement, I have swapped to it in all my projects, it's a strictly better option
Feel free to re-open or open a new issue if you have more questions, or run into issues. Hope it works out for you!