Security vulnerability coming in through nth-check: "Inefficient Regular Expression Complexity in nth-check"

[LaurensUP]

https://github.com/advisories/GHSA-rp65-9cf3-cjxr

coming in through nth-check <2.0.1 ← css-select 4.1.3 ← cheerio-select 1.5.0 ← cheerio 1.0.0-rc.10

Should upgrade cheerio to version 1.0.0-rc.11 or higher

[jrit]

master is already at cheerio rc11 and as far as I can tell that was released in 8.1.0

[LaurensUP]

Hi @jrit, thanks for checking this so promptly. As far as I can see, it's still on 1.0.0-rc.10 https://github.com/Automattic/juice/blob/master/package.json#L38

[jrit]

ok, yeah, I will deal with the dep upgrades, I think I was confused by the subject of a prior PR related to cheerio 11

[jrit]

cheerio at rc12 now