isparta v4.0.0 is vulnerable
Closed this issue · 2 comments
ruslan-bikkinin commented
Hi guys, seems to be that isparta v4.0.0 has unresolved security vulnerabilities:
=== npm audit security report ===
# Run npm update minimatch --depth 5 to resolve 1 vulnerability
High Regular Expression Denial of Service
Package minimatch
Dependency of isparta [dev]
Path isparta > istanbul > fileset > glob > minimatch
More info https://nodesecurity.io/advisories/118
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
High Regular Expression Denial of Service
Package minimatch
Patched in >=3.0.2
Dependency of isparta [dev]
Path isparta > istanbul > fileset > minimatch
More info https://nodesecurity.io/advisories/118
Do you have any plans to fix it?
douglasduteil commented
Thanks.
I'm not maintaining Isparta anymore
ruslan-bikkinin commented
Thanks for response and for quick fix @douglasduteil 👍 ! So, isparta is considered as archived and abandoned?