shamrickus commented on a change in pull request #4878:
URL: https://github.com/apache/trafficcontrol/pull/4878#discussion_r455141488
##########
File path: traffic_portal/package.json
##########
@@ -1,13 +1,14 @@
{
"name": "traffic_portal",
"devDependencies": {
+ "browserify": "^16.5.1",
"connect-livereload": "0.6.1",
"connect-modrewrite": "0.10.2",
"connect-timeout": "1.9.0",
"express": "4.17.1",
"grunt": "1.0.4",
"grunt-adam-compass": "0.7.1",
- "grunt-browserify2": "0.1.8",
+ "grunt-browserify": "^5.3.0",
Review comment:
Good point, perhaps `~` (patch releases only) would be better. The
remaining security vulnerabilities in our audit are from repos that use exact
versioning and `~` would fix them. In any case, I'll make it exact versioning
for now as that change should probably be made to the entire file in a separate
PR.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
