Last 12 weeks ยท 0 commits
3 of 6 standards met
I've started to see vulnerability reports on a number of projects that all look like this: https://github.com/bullet-train-co/bullet_train-core/security/dependabot/557 The issue arises because depends on the deprecated package which has its dependency on declared with . Updating to should fix the dependency chain, but I don't know if it would introduce other issues.
Repository: developit/microbundle. Description: ๐ฆ Zero-configuration bundler for tiny modules. Stars: 8135, Forks: 359. Primary language: JavaScript. Languages: JavaScript (100%). License: MIT. Homepage: https://npm.im/microbundle Topics: build, bundle, microlib, module-bundler, rollup, tiny-modules, umd. Latest release: v0.15.1 (3y ago). Open PRs: 26, open issues: 76. Last activity: 5mo ago. Community health: 57%. Top contributors: developit, ForsakenHarmony, marvinhagemeister, Andarist, greenkeeper[bot], rschristian, wardpeet, bors[bot], MatiasOlivera, andrewiggins and others.