Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update acorn to the latest version 🚀 #50

Closed
wants to merge 1 commit into from
Closed

Update acorn to the latest version 🚀 #50

wants to merge 1 commit into from

Conversation

greenkeeper[bot]
Copy link

@greenkeeper greenkeeper bot commented Aug 13, 2019

The dependency acorn was updated from 6.3.0 to 7.0.0.

This version is not covered by your current version range.

If you don’t accept this pull request, your project will work just like it did before. However, you might be missing out on a bunch of new features, fixes and/or performance improvements from the dependency update.

Publisher: marijn
License: MIT

Find out more about this release.

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper bot 🌴

greenkeeper bot added a commit that referenced this pull request Sep 24, 2019
@greenkeeper
fix(package): update acorn to version 7.1.0
ef4a6f4 
Closes #50
@greenkeeper
Copy link
Author

greenkeeper bot commented Sep 24, 2019

  • The dependency acorn was updated from 6.3.0 to 7.1.0.

Update to this version instead 🚀

greenkeeper bot added a commit that referenced this pull request Mar 1, 2020
@greenkeeper
fix(package): update acorn to version 7.1.1
7c41559 
Closes #50
@greenkeeper
Copy link
Author

greenkeeper bot commented Mar 1, 2020

  • The dependency acorn was updated from 6.4.0 to 7.1.1.

Update to this version instead 🚀

@dacevedoatfluid
Copy link

Hi @ForbesLindesay, please consider merging this asap, acorn was reported vulnerable https://npmjs.com/advisories/1488. Fixed in >= 7.1.1

@hjr3 hjr3 mentioned this pull request Mar 7, 2020
Closed
This was referenced Mar 7, 2020
Closed
Closed
Closed
@tunnckoCore
Copy link

For anyone having this

yarn add EmmaGoodliffe/acorn-globals#patch-1
# or if in monorepo setup
yarn add -W EmmaGoodliffe/acorn-globals#patch-1

# or npm
npm i EmmaGoodliffe/acorn-globals#patch-1

@dacevedoatfluid @technote-space @inlightmedia and others.

tunnckoCore added a commit to helapkg/hela that referenced this pull request Mar 7, 2020
@tunnckoCore
chore: patch ReDOS in acorn/jest
ac1f722 
ForbesLindesay/acorn-globals#53
ForbesLindesay/acorn-globals#56
ForbesLindesay/acorn-globals#50
jestjs/jest#9643
jsdom/jsdom#2882

Signed-off-by: Charlike Mike Reagent <[email protected]>
@inlightmedia
Copy link

inlightmedia commented Mar 7, 2020
edited
Loading

@tunnckoCore When installing the EmmaGoodliffe/acorn-globals#patch-1 patch it just marks my package tree as invalid and I can't run npm audit after. Any idea why that would happen?

Looks like the repo no longer exists.

@tunnckoCore
Copy link

tunnckoCore commented Mar 7, 2020
edited
Loading

@inlightmedia yup, sadly... ;/ and i suggested it in several places...

Try with ForbesLindesay/acorn-globals#greenkeeper/acorn-7.1.1.

It works for me.

just marks my package tree as invalid and I can't run npm audit after.

I don't know, I'm not using npm since day 1 of Yarn and it works with it.

@TimothyGu TimothyGu mentioned this pull request Mar 8, 2020
Closed
TimothyGu added a commit that referenced this pull request Mar 8, 2020
@TimothyGu
fix(package): update packages
9297690 
Also update Travis CI configuration to use newer versions of Node.js.

Closes #39
Closes #40
Closes #50
Closes #53
TimothyGu added a commit that referenced this pull request Mar 8, 2020
@TimothyGu
fix(package): update packages
df87c57 
Also update Travis CI configuration to use newer versions of Node.js.

Closes #39
Closes #40
Closes #50
Closes #51
Closes #53
@TimothyGu TimothyGu mentioned this pull request Mar 8, 2020
Merged
@TimothyGu TimothyGu closed this in #57 Mar 8, 2020
TimothyGu added a commit that referenced this pull request Mar 8, 2020
@TimothyGu
fix(package): update dependencies (#57)
43038ba 
Also update Travis CI configuration to use newer versions of Node.js.

Closes #39
Closes #40
Closes #50
Closes #51
Closes #53
@greenkeeper greenkeeper bot deleted the greenkeeper/acorn-7.0.0 branch March 8, 2020 04:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
greenkeeper
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dacevedoatfluid @tunnckoCore @inlightmedia