Security vulnerabilities in Reload and Socket

Question

Security vulnerabilities in Reload and Socket

Martination opened this issue 6 years ago · 0 comments

NPM is reporting 19 vulnerabilities (12 low, 2 moderate, 4 high, 1 critical) in the packages for the project.
Reload 1.0.0 is responsible for 10 of them and NPM suggests upgrading to 2.3.0.
Socket 1.4.8 is responsible for 9 of them and NPM suggests upgrading to 2.1.1.

However, these are breaking changes. While this isn't a public site and it doesn't have much chance of being exploited in this case, I'm sure a lot of people build off of this code and it sets a good example for security and maintaining projects.