Address npm-audit warning about handlebars
Krinkle opened this issue · comments
=== npm audit security report ===
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ handlebars │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ jsdoc-to-markdown [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ jsdoc-to-markdown > dmd > handlebars │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://nodesecurity.io/advisories/755 │
└───────────────┴──────────────────────────────────────────────────────────────┘
From https://nodesecurity.io/advisories/755:
Remediation
Upgrade to version 4.0.13 or later.
Nevermind, the range already allows this. Just had to update my lock file. Sorry :)