From eb8e352c93deb6dff256d41feade988a9a16bfef Mon Sep 17 00:00:00 2001
From: Bryan Stearns <bryanstearns@gmail.com>
Date: Thu, 27 Dec 2018 10:32:09 -0800
Subject: [PATCH] Bump npm-run-all version for security

npm-run-all 4.1.3 depends indirectly on flatmap-stream, which has been yanked
from npm because it contained malicious code:

https://www.npmjs.com/advisories/737
https://github.com/mysticatea/npm-run-all/issues/149
---
 boilerplate/package.json.ejs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/boilerplate/package.json.ejs b/boilerplate/package.json.ejs
index cd73e963..9943d52a 100644
--- a/boilerplate/package.json.ejs
+++ b/boilerplate/package.json.ejs
@@ -50,7 +50,7 @@
     "@types/validate.js": "0.11.0",
     "babel-plugin-transform-inline-environment-variables": "0.4.3",
     "jest-preset-ignite": "0.6.1",
-    "npm-run-all": "4.1.3",
+    "npm-run-all": "4.1.5",
     "patch-package": "5.1.1",
     "postinstall-prepare": "1.0.1",
     "prettier": "1.12.1",