[Security] for libnpm vulnerable dependency reported in npm audit

Hi, for latest libnpm 2.0.1 a vulnerable version of dependency npm-lifecycle was reported in npm audit. Could you please npm audit fix your package and publish to npm?

npm audit output follows:
High Arbitrary File Overwrite

Package tar

Patched in >=4.4.2

Dependency of npm

Path npm > libnpm > npm-lifecycle > node-gyp > tar

More info https://nodesecurity.io/advisories/803

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.