douglasduteil/isparta

isparta v4.0.0 is vulnerable

Closed this issue · 2 comments

Hi guys, seems to be that isparta v4.0.0 has unresolved security vulnerabilities:

                      === npm audit security report ===

# Run  npm update minimatch --depth 5  to resolve 1 vulnerability

  High            Regular Expression Denial of Service

  Package         minimatch

  Dependency of   isparta [dev]

  Path            isparta > istanbul > fileset > glob > minimatch

  More info       https://nodesecurity.io/advisories/118




                                 Manual Review
             Some vulnerabilities require your attention to resolve

          Visit https://go.npm.me/audit-guide for additional guidance


  High            Regular Expression Denial of Service

  Package         minimatch

  Patched in      >=3.0.2

  Dependency of   isparta [dev]

  Path            isparta > istanbul > fileset > minimatch

  More info       https://nodesecurity.io/advisories/118

Do you have any plans to fix it?

Thanks.
I'm not maintaining Isparta anymore

Thanks for response and for quick fix @douglasduteil 👍 ! So, isparta is considered as archived and abandoned?