Update dependencies to fix npm audit vulnerabilitys

Question

Update dependencies to fix npm audit vulnerabilitys

Closed this issue 4 years ago · 2 comments

Hey there, the title says it all. Please update the dependencies and release a new version on npm.

Below is the npm audit report.

Thank you in advance!

npm audit report

node-fetch <=2.6.0 || 3.0.0-beta.1 - 3.0.0-beta.8
Denial of Service - https://npmjs.com/advisories/1556
fix available via npm audit fix --force
Will install unsemantic@1.1.3, which is a breaking change
node_modules/node-fetch
isomorphic-fetch 2.0.0 - 2.2.1
Depends on vulnerable versions of node-fetch
node_modules/isomorphic-fetch
fbjs 0.7.0 - 1.0.0
Depends on vulnerable versions of isomorphic-fetch
node_modules/fbjs
react 15.0.0-rc.1 - 16.4.2
Depends on vulnerable versions of fbjs
node_modules/react
unsemantic >=1.2.0
Depends on vulnerable versions of react
node_modules/unsemantic

5 low severity vulnerabilities

Answer 1 · 2021-01-15T19:09:18.000Z

Created Pull Request:
#105

Please review

Answer 2 · 2021-01-15T21:58:45.000Z

cc: @de-dan

Reviewing now. Sorry for the delay.