Skip to content

braces: please read!  #148

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
braces: please read! #148
@jonschlinkert

Description

@jonschlinkert
jonschlinkert
opened on Mar 5, 2019

Do not create issues related to braces

TLDR; Delete all lock files, then reinstall. This was fixed a long time ago. If you're still not sure what to do, please don't comment here, you will find more information and support by searching Google and StackOverflow.

  1. braces was fixed ages ago, within a day or two of the report being created
  2. Semver makes this really simple. Patch the root library once, and all downstream libraries get the patch. Thus, any library that depends on braces will automatically get the patched version by simply reinstalling. If you are not getting the latest version, you are probably using a lockfile that is preventing semver from doing its job.
  3. Don't create issues on dependent libraries when you see a vulnerability message. ALWAYS, AND ONLY create issues on the library that has the vulnerability so that it can be patched. ONLY WHEN AND IF that library has not been fixed in a timely manner does it make sense to create issue on dependent libraries.

More info here

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions