From 965bf0a5beb4b08519ffc221692ca66cfe2db561 Mon Sep 17 00:00:00 2001 From: gingerchris Date: Thu, 31 Oct 2019 17:29:19 +0000 Subject: [PATCH 1/2] chore(dependency): Update micromatch to 4.0.2 There is a security issue in set-value (https://nvd.nist.gov/vuln/detail/CVE-2019-10747) that is fixed by updating micromatch to the latest version, which does not use set-value --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index b2538f6..7d394b8 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ "enhanced-resolve": "^4.0.0", "loader-utils": "^1.1.0", "lodash": "^4.17.5", - "micromatch": "^3.1.9", + "micromatch": "^4.0.2", "mkdirp": "^0.5.1", "source-map-support": "^0.5.3", "webpack-log": "^1.2.0" From bd4b1469a39ba6784bc07320259a71317a4d530c Mon Sep 17 00:00:00 2001 From: gingerchris Date: Thu, 31 Oct 2019 17:32:25 +0000 Subject: [PATCH 2/2] chore(dependency): Update supported Node version The updated version of micromatch requires node 8 or later. --- .travis.yml | 2 +- README.md | 2 +- appveyor.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0269f1a..3b04f81 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,4 +7,4 @@ before_script: - yarn install - yarn run build node_js: - - "7" + - "8" diff --git a/README.md b/README.md index 2c430d1..35e92fe 100644 --- a/README.md +++ b/README.md @@ -86,7 +86,7 @@ After that, you will be able to build TypeScript files with webpack. ## NodeJS versions -**The loader supports NodeJS 4 and newer.** +**The loader supports NodeJS 8 and newer.** ## tsconfig.json diff --git a/appveyor.yml b/appveyor.yml index a4b9066..0a7193e 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -1,5 +1,5 @@ environment: - nodejs_version: "6" + nodejs_version: "8" matrix: - TYPESCRIPT: typescript@2.7.2 cache: