nodemon: update to lose malicious package #81

wiese · 2018-11-27T10:29:40Z

nodemon is a tool that helps develop node.js based applications by
automatically restarting the node application when files change.
This updates it to the latest version to fix a security problem
remy/nodemon#1451

Dependency tree before was:

$ docker-compose run --rm node npm ls flatmap-stream
wikibase-termbox@0.1.0 /app
`-- nodemon@1.18.4
  `-- pstree.remy@1.1.0
    `-- ps-tree@1.1.0
      `-- event-stream@3.3.6
        `-- flatmap-stream@0.1.1      <- https://www.npmjs.com/advisories/737

nodemon is a tool that helps develop node.js based applications by automatically restarting the node application when files change. This updates it to the latest version to fix a security problem remy/nodemon#1451 Dependency tree before was: $ docker-compose run --rm node npm ls flatmap-stream wikibase-termbox@0.1.0 /app `-- nodemon@1.18.4 `-- pstree.remy@1.1.0 `-- ps-tree@1.1.0 `-- event-stream@3.3.6 `-- flatmap-stream@0.1.1 <- https://www.npmjs.com/advisories/737

wiese · 2018-11-27T10:41:50Z

If you have time to spare, take a look at the original issue for some open source philosophy.

manicki · 2018-11-27T11:26:31Z

wow

wiese requested review from jakobw, bitPogo and manicki November 27, 2018 10:29

manicki approved these changes Nov 27, 2018

View reviewed changes

manicki merged commit 1e7a294 into master Nov 27, 2018

manicki deleted the nodemon-fix branch November 27, 2018 11:23

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

nodemon: update to lose malicious package #81

nodemon: update to lose malicious package #81

wiese commented Nov 27, 2018

wiese commented Nov 27, 2018

manicki commented Nov 27, 2018

nodemon: update to lose malicious package #81

nodemon: update to lose malicious package #81

Conversation

wiese commented Nov 27, 2018

wiese commented Nov 27, 2018

manicki commented Nov 27, 2018