[Bug] html-minifier high severity vulnerability

[Tpleme]

Describe the bug
A Regular Expression Denial of Service (ReDoS) flaw was found in kangax html-minifier 4.0.0.
html-minifier

Additional context
A ReDos was found on this package, and it seems that they won't patch it, their last update was 5 years ago.
MJML lauched a alpha version replacing it with htmlnano and prettier (issue here).

[Thomascogez]

Thanks for the report !
I check the [email protected] branch has you recommended until the official release of mjml@5 version

Thanks again for you interest ! I will take a look at this in the few day and release a new minor version of this package 👍

[Tpleme]

Hi, thanks for that, i really appreciate your effort on maintaining this package, this has been very useful for me :D
I could adventure myself on making a PR but i think this is not something i can handle.

[Thomascogez]

Hey @Tpleme, Thanks for your feedback ! And i'm glad that this package has been useful for you ! I just release 1.4.0 with the changes that has been discussed before 👍. You can check the full upgrade/migration guide right here https://github.com/Thomascogez/nodemailer-mjml/blob/master/MIGRATION_GUIDES/FROM_1.3.X_TO_1.4.md

[Tpleme]

Thank you very much. Really appreciate your time. Gonna close this. :P