[webrtc-pc] Should this repo have a package-lock.json file? (#3012) from Harald Alvestrand via GitHub on 2024-10-29 (public-webrtc@w3.org from October 2024)

From: Harald Alvestrand via GitHub <sysbot+gh@w3.org>
Date: Tue, 29 Oct 2024 10:42:59 +0000
To: public-webrtc@w3.org
Message-ID: <issues.opened-2620852330-1730198576-sysbot+gh@w3.org>

alvestrand has just created a new issue for https://github.com/w3c/webrtc-pc:

== Should this repo have  a package-lock.json file? ==
Apparently part of the config of this repo refers to xml2js, which has a security alert against it.
Dependabot can't fix it because the repo doesn't have a package-lock.json file.

Should it have one?

Calling @dontcallmedom as the repo expert.


Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/3012 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 29 October 2024 10:43:00 UTC