Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(core): marked dependency is insecure version #612

Merged
merged 1 commit into from
Jan 8, 2018
Merged

fix(core): marked dependency is insecure version #612

merged 1 commit into from
Jan 8, 2018

Conversation

gchoqueux
Copy link
Contributor

In jsdoc, marked dependency is insecure version (0.3.6)
A issue propose a temporary solution: to add an explicit dependency to marked ~0.3.9
jsdoc/jsdoc#1489 (comment)

@gchoqueux
fix(core): marked dependency is insecure version
5b340be 
In jsdoc, marked dependency is insecure version (0.3.6)
A issue propose a temporary solution: to add an explicit dependency to marked ~0.3.9
jsdoc/jsdoc#1489 (comment)
zarov
zarov approved these changes Jan 8, 2018
View reviewed changes
Copy link
Contributor

@zarov zarov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No problem to update it, but FYI we are not impacted by the CVE as we don't run this package in a server.

@gchoqueux
Copy link
Contributor Author

@zarov, yes

@gchoqueux gchoqueux merged commit b7c222f into master Jan 8, 2018
@gchoqueux gchoqueux deleted the fix_vul branch January 8, 2018 13:10
@Desplandis Desplandis mentioned this pull request Jun 21, 2024
Merged
24 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zarov zarov zarov approved these changes

Assignees
No one assigned
Labels
bug 🐛
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gchoqueux @zarov