Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use chokidar@2 #97

Merged
merged 1 commit into from
Feb 27, 2019
Merged

Use chokidar@2 #97

merged 1 commit into from
Feb 27, 2019

Conversation

stefee
Copy link
Contributor

@stefee stefee commented Feb 26, 2019

Change log

Notes for reviewer

Use chokidar@2
86b040c 
* Breaking: Upgrade chokidar dependency which requires globs to be more strict and always use POSIX-style slashes because Windows-style slashes are used as escape sequences
* See chokidar change log: https://github.com/paulmillr/chokidar/blob/master/CHANGELOG.md
@stefee
Copy link
Contributor Author

stefee commented Feb 26, 2019

cc @kmagiera

@stefee
Copy link
Contributor Author

stefee commented Feb 26, 2019
edited
Loading

See below npm audit report which this PR addresses:

$ npm audit

                       === npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ braces                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=2.3.1                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ babel-watch [dev]                                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ babel-watch > chokidar > anymatch > micromatch > braces      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/786                             │
└───────────────┴──────────────────────────────────────────────────────────────┘

@STRML
Copy link
Collaborator

STRML commented Feb 27, 2019

Causes no issues in my testing. Merging.

@STRML STRML merged commit d54d126 into kmagiera:master Feb 27, 2019
@stefee
Copy link
Contributor Author

stefee commented Mar 14, 2019

@STRML would you be able to release this change as a patch for us?

@STRML
Copy link
Collaborator

STRML commented Mar 14, 2019

I don't have publish permissions, @kmagiera?

@stefee
Copy link
Contributor Author

stefee commented Apr 5, 2019

@kmagiera
a new patch release would be appreciated

@stefee stefee mentioned this pull request Jul 1, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@stefee @STRML