We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
find-node-modules
braces
Low Regular Expression Denial of Service Package braces Patched in >=2.3.1 Dependency of browserify-css [dev] Path browserify-css > find-node-modules > findup-sync > micromatch > braces More info https://npmjs.com/advisories/786
Low Regular Expression Denial of Service
Package braces
Patched in >=2.3.1
Dependency of browserify-css [dev]
Path browserify-css > find-node-modules > findup-sync > micromatch > braces
More info https://npmjs.com/advisories/786
I have made an comment requesting a new version of [email protected] be released with an update to the braces dependency, which might happen and thus resolve this.
[email protected]
However, ideally browserify-css should update find-node-modules to v2.0.0, to resolve this security vulnerability.
browserify-css
v2.0.0
The text was updated successfully, but these errors were encountered:
Also hoping for a dependency version bump up to get rid of the vulnerability. Doing it by hand introduces a whole new process to deployment.
Sorry, something went wrong.
Successfully merging a pull request may close this issue.
I have made an comment requesting a new version of
[email protected]
be released with an update to thebraces
dependency, which might happen and thus resolve this.However, ideally
browserify-css
should updatefind-node-modules
tov2.0.0
, to resolve this security vulnerability.The text was updated successfully, but these errors were encountered: