HalitTalha / ng-material-extensions

Extended features for @angular/material components
Apache License 2.0
101 stars 52 forks

Update xlsx 0.16.9 to 0.17.0 #125

Closed SGTMcClain closed 3 years ago

SGTMcClain commented 3 years ago

SheetJS (xlsx) 0.16.9 allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js.

SheetJS has fixed this in 0.17.0; however, I would like to be sure that the fix doesn't break anything within the cdk-table-exporter.

It looks like the bot has already submitted the update in Pull Requests; it just needs to be approved.

aki-kesulahti commented 3 years ago

I would really like to see this update happening because it's causing moderate severity vulnerability alerts from npm audit and Dependabot. Too bad this whole project is on one person's shoulders.

HalitTalha commented 3 years ago

Released the fixed version. Sorry for being able to release every 6 months or so.