I’m working with a public repo I created for the enigma-discovery CLI getting started guide.
Github warned me that there’s a security vulnerability in
lodash, which is coming from the
email@example.com dependency used by
firstname.lastname@example.org . Just wanted to give a heads up in case it’s possible for Enigma to update their version of
jayson to solve the issue. I’m not sure if it’s possible for end users depending on
enigma-js to override the
lodash dependency version themselves.
➜ enigma-discovery git:(master) npm ls lodash email@example.com /Users/dwarrier/WebstormProjects/enigma-discovery └─┬ firstname.lastname@example.org └─┬ email@example.com └── firstname.lastname@example.org