Y
Hacker News
new
|
ask
|
show
|
jobs
by
inbx0
1693 days ago
-name "*coa*" is a bit too eager. It will flag other packages too, like the fairly popular babel-plugin-nullish-coalescing
1 comments
resoluteteeth
1693 days ago
If you have an index for the locate command it's probably easier to do:
locate "/coa/package.json" | xargs -I {} jq .version {} 2>/dev/null
link
salzig
1693 days ago
maybe print the command (`-t`) xargs executes, to make identification easier.
link
resoluteteeth
1693 days ago
It's sort of a moot point since if you have an affected version you have to assume your whole system is compromised anyway in the case of this type of issue.
link
locate "/coa/package.json" | xargs -I {} jq .version {} 2>/dev/null