New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

npm-audit-html depends on vulnerable versions of marked #66

Open

jwtd opened this issue Feb 24, 2021 · 1 comment

jwtd commented Feb 24, 2021

npm-audit-html is being flagged by...npm audit :D

Not a production dependency for me, but wanted to share.

$ npm audit
# npm audit report

marked  1.1.1 - 1.2.9
Severity: moderate
Regular Expression Denial of Service - https://npmjs.com/advisories/1623
fix available via `npm audit fix`
node_modules/marked
  npm-audit-html  >=1.4.2
  Depends on vulnerable versions of marked
  node_modules/npm-audit-html

The text was updated successfully, but these errors were encountered:

whoisbob commented Jan 31, 2022

Heya! I see a PR has been opened for this issue but the tests seem to be failing. Is anyone on the team able to take a look?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment