Update npm-run - it has security issue
opened this issue · comments
Describe the bug
Actual version use npm-run v4 which has security issue because it uses sync-exec. https://nodesecurity.io/advisories/310
Please upgrade npm-run to v5
To Reproduce
run npm audit
Expected behavior
npm audit shouldnt find any security issues
Versions (please complete the following information):
- OS:
Ubuntu 18.04
graphql-cli
:3.0.3
We have just released a new structure for GraphQL CLI in new alpha versions 4.0.0-alpha.XXX
.
This was a complete rewrite and we've updated all the dependencies.
Can you please check it out and see if that issue is still relevant?
Checkout the new instructions and the migration guide on the docs and let us know your feedback.
Feel free to contact us by opening an issue or using our Discord channel;
https://discord.gg/xud7bH
I've posted the wrong Discord link, this is the correct one: https://discord.gg/xud7bH9