Address npm-audit warning about handlebars

Question

Address npm-audit warning about handlebars

Krinkle opened this issue 5 years ago · comments

                       === npm audit security report ===                        
                                                                                
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ handlebars                                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ jsdoc-to-markdown [dev]                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ jsdoc-to-markdown > dmd > handlebars                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/755                       │
└───────────────┴──────────────────────────────────────────────────────────────┘

From https://nodesecurity.io/advisories/755:

Remediation

Upgrade to version 4.0.13 or later.

Timo Tijhof · Answer 1 · Fri Feb 22 2019 00:11:24 GMT+0800 (China Standard Time)

Nevermind, the range already allows this. Just had to update my lock file. Sorry :)