Hello, I saw a potential security vulnerability when I tried to use my repository in github again which it told me to fix this, this error is in blow link:
and I searched it in google and found https://github.com/brunch/brunch/issues/1603 that they said it was for the sake of Brunch, but I didn’t how I can update this , was there a solution?
I use Phoenix v1.3.3 && Node v9.3.0, Is there some security error for me or not ?
Hi, I got the same issue as you just after boostraping a pheonix application.
Github has detected a potential vulnerability from node-growl dependency. The vulnerability comes from loggy pulled from brunch.io . I had to upgrade brunch to a version that doesn’t use loggy anymore. I used the tool npm-check-updates to do so.
You can always upgrade brunch manually that’s fine, you don’t even need to use brunch at all, use whatever you want (it’s pluggable! ), even the next phoenix (1.4) has switched to webpack instead of brunch now that webpack is fast now.