Tom Byers aeaa96124c Fix node version & lock down npm version ...

The intention behind the version of node in the
engines property was for that version to be the
minimum required so it was always missing the `>=`
prefix.

This adds that prefix and also adds a setting for
npm, to prevent use of insecure versions. See this
article for details:

https://github.blog/2021-09-08-github-security-update-vulnerabilities-tar-npmcli-arborist/

2021-09-22 12:05:47 +01:00

1.8 KiB

Raw Blame History

View Raw