This is great and I have used this on a couple of projects. A new high severity vulnerability has come up and it looks bad. How do I fix ua-parser-js 0.8.1 - 1.0.32? Would this be an override as well? How would I go about doing this one?
I tried to do an override but it didn't work it says node_modules/browser-sync/node_modules/ua-parser-js browser-sync >=2.27.6 Depends on vulnerable versions of ua-parser-js node_modules/browser-sync
*UPDATED NPM Video* th-cam.com/video/VAHkHj3I6Wg/w-d-xo.html
11ty drove me crazy with some vulnerable packages / dependencies. So you explained exactly what I was looking for. Thanks a lot man!
First comment ever on TH-cam, you're the man!. Thank you for sharing knowledge. Just subscribed! And thumb up!
Thank You very much, i was getting 4 vulnerabilities because of semver, but after using override to version 7.5.3, it was fixed
Glad it helped. 🙌
Excellent tip, worked like a charm!
Thanks man, solved the problem. Subscribed.
Awesome, glad it helped.
Great explanation. Thanks a lot.
No problem, I’m glad it helped. Thanks for watching 🙏
Thank YOU. I was getting so sick of the Dependabot alerts about glob-parent.
Thank you very much! Worked like a charm!!
Thank you so much for this video! The gulp vulnerability messages were driving me crazy
Thank you very, you are awesome. Your tut helped me so much!
No problem. I’m glad it was helpful. Thanks for watching 🙏🙏
Awesome video and extremely helpful. If say you were using Yarn instead of npm, would you follow a similar approach with the overrides? Thanks
With Yarn, you would use resolutions instead. The concept is the same, just different terminology. Thanks for the question, and for watching.
@@PixemWeb just had a quick look at resolutions. Like you say, the concept is the same. Thanks.
How did you know which version of chokidar, glob-parent to override?
man this really helped me thanks
It's really useful!
hi. when I copy an image using this syntax src/styles/**/*.scss . Then gulp cannot copy the images
Really helpful 👍
Thanks 🙏
This is great and I have used this on a couple of projects. A new high severity vulnerability has come up and it looks bad. How do I fix ua-parser-js 0.8.1 - 1.0.32? Would this be an override as well? How would I go about doing this one?
I tried to do an override but it didn't work it says
node_modules/browser-sync/node_modules/ua-parser-js
browser-sync >=2.27.6
Depends on vulnerable versions of ua-parser-js
node_modules/browser-sync
THANK YOU SIR!!👍
How did you know which version of chokidar, glob-parent to override?
I went to NPM and looked for the current version. Then I tested to make sure that using it wouldn’t cause problems with my workflow.
very epic
THANK YOU SO MUCH!!!
thanks alot 😍
Thanks a lot
Yes it works
Nope, it generates more vulnerabilities with that command for some reason. I just ended deleting my npm project and start from full scratch.