Steve Winton
|
d3d3cc1a11
|
Merge pull request #3 from timruffles/bump-nodemon
Remove dependency on vulnerable event-stream package
|
2018-12-18 16:08:14 -06:00 |
|
Tim Ruffles
|
e9d93d972b
|
remove nodemon as it's not useful here, which drops vulnrable event-stream dep
|
2018-11-28 08:55:43 -08:00 |
|
Steve Winton
|
fb55f2efa8
|
Merge pull request #2 from actions/upgrade-merge-dependency
Upgrade merge to version 1.2.1 or later
|
2018-11-27 10:51:51 -06:00 |
|
Steve Winton
|
8fbdf3f36e
|
Upgrade merge to version 1.2.1 or later
Per the guidance:
1. https://nvd.nist.gov/vuln/detail/CVE-2018-16469
|
2018-11-27 10:49:56 -06:00 |
|
Steve Winton
|
22b62a2e66
|
Merge pull request #1 from actions/downgrade-event-stream
Downgrade event-stream to the last non-malicious version, 3.3.4
|
2018-11-27 10:44:03 -06:00 |
|
Steve Winton
|
0c37aef018
|
Downgrade event-stream to the last non-malicious version, 3.3.4
Per the guidance:
1. https://github.com/dominictarr/event-stream/issues/116
|
2018-11-27 10:40:34 -06:00 |
|
GitHub
|
6d4d52b5f4
|
Initial commit
Co-authored-by: Steve Winton <stevewinton@gmail.com>
Co-authored-by: Steve Winton <swinton@users.noreply.github.com>
Co-authored-by: Brandon Keepers <bkeepers@github.com>
|
2018-10-16 07:49:38 -07:00 |
|