There is no 4.1.1 on npm
xPaw opened this issue · comments
Pavel Djundik commented
warning mocha > yargs-unparser > flat@4.1.0: Fixed a prototype pollution security issue in 4.1.0, please upgrade to ^4.1.1 or ^5.0.1.
But there is no 4.1.1 to update to. https://www.npmjs.com/package/flat/v/4.1.1
DevRCRun commented
Same is true of 4.1.2
Waldemar Neto commented
same here, any news?
Filipp Riabchun commented
@timoxley can you please comment on that?
Tim Kevin Oxley commented
Fixed. My bad, pushed tag to github but didn't publish to npm
. 4.1.1 published + all other versions with previous prototype pollution fix.
Same is true of 4.1.2
There was never a 4.1.2.
Tim Kevin Oxley commented
Ugh I thought npm fixed that so it wouldn't update the latest tag to an older version. Maybe I just dreamed that.
Tim Kevin Oxley commented
Will fix
Tim Kevin Oxley commented
Fixed