This is great and I have used this on a couple of projects. A new high severity vulnerability has come up and it looks bad. How do I fix ua-parser-js 0.8.1 - 1.0.32? Would this be an override as well? How would I go about doing this one?
I tried to do an override but it didn't work it says node_modules/browser-sync/node_modules/ua-parser-js browser-sync >=2.27.6 Depends on vulnerable versions of ua-parser-js node_modules/browser-sync
*UPDATED NPM Video* th-cam.com/video/VAHkHj3I6Wg/w-d-xo.html
11ty drove me crazy with some vulnerable packages / dependencies. So you explained exactly what I was looking for. Thanks a lot man!
First comment ever on TH-cam, you're the man!. Thank you for sharing knowledge. Just subscribed! And thumb up!
Excellent tip, worked like a charm!
Thank You very much, i was getting 4 vulnerabilities because of semver, but after using override to version 7.5.3, it was fixed
Glad it helped. 🙌
Thanks man, solved the problem. Subscribed.
Awesome, glad it helped.
Great explanation. Thanks a lot.
No problem, I’m glad it helped. Thanks for watching 🙏
Thank you very much! Worked like a charm!!
hi. when I copy an image using this syntax src/styles/**/*.scss . Then gulp cannot copy the images
Thank YOU. I was getting so sick of the Dependabot alerts about glob-parent.
Thank you very, you are awesome. Your tut helped me so much!
No problem. I’m glad it was helpful. Thanks for watching 🙏🙏
It's really useful!
Really helpful 👍
Thanks 🙏
man this really helped me thanks
Awesome video and extremely helpful. If say you were using Yarn instead of npm, would you follow a similar approach with the overrides? Thanks
With Yarn, you would use resolutions instead. The concept is the same, just different terminology. Thanks for the question, and for watching.
@@PixemWeb just had a quick look at resolutions. Like you say, the concept is the same. Thanks.
How did you know which version of chokidar, glob-parent to override?
Thank you so much for this video! The gulp vulnerability messages were driving me crazy
How did you know which version of chokidar, glob-parent to override?
I went to NPM and looked for the current version. Then I tested to make sure that using it wouldn’t cause problems with my workflow.
This is great and I have used this on a couple of projects. A new high severity vulnerability has come up and it looks bad. How do I fix ua-parser-js 0.8.1 - 1.0.32? Would this be an override as well? How would I go about doing this one?
I tried to do an override but it didn't work it says
node_modules/browser-sync/node_modules/ua-parser-js
browser-sync >=2.27.6
Depends on vulnerable versions of ua-parser-js
node_modules/browser-sync
THANK YOU SIR!!👍
thanks alot 😍
THANK YOU SO MUCH!!!
very epic
Thanks a lot
Yes it works
Nope, it generates more vulnerabilities with that command for some reason. I just ended deleting my npm project and start from full scratch.