Skip to content

Commit

Permalink
[examples] Update remark dependency for blog-starter (#33313)
Browse files Browse the repository at this point in the history 
Upgrade remark-html dependency to resolve the critical vulnerability.

Newer versions like 15.0.1 do not work with this example but version 13.0.2 fixes the security issue and still works.
```
                       === npm audit security report ===

# Run  npm install remark-html@15.0.1  to resolve 1 vulnerability
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Critical      │ Unsafe defaults in `remark-html`                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ remark-html                                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ remark-html                                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ remark-html                                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ GHSA-9q5w-79cv-947m            │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
<!--
Thanks for opening a PR! Your contribution is much appreciated.
In order to make sure your PR is handled as smoothly as possible we request that you follow the checklist sections below.
Choose the right checklist for the change that you're making:
-->

## Bug

- [ ] Related issues linked using `fixes #number`
- [ ] Integration tests added
- [ ] Errors have helpful link attached, see `contributing.md`

## Feature

- [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR.
- [ ] Related issues linked using `fixes #number`
- [ ] Integration tests added
- [ ] Documentation added
- [ ] Telemetry added. In case of a feature if it's used or not.
- [ ] Errors have helpful link attached, see `contributing.md`

## Documentation / Examples

- [ ] Make sure the linting passes by running `yarn lint`
  • Loading branch information
@jonrosner
jonrosner committed Jan 14, 2022
1 parent 5748915 commit 89b8d58
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion examples/blog-starter/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
"react": "^17.0.2",
"react-dom": "^17.0.2",
"remark": "13.0.0",
"remark-html": "13.0.1"
"remark-html": "13.0.2"
},
"devDependencies": {
"autoprefixer": "^10.4.0",
Expand Down

0 comments on commit 89b8d58

Please sign in to comment.