search

IBM / nodejs-itoolkit

A JavaScript (Node.js) library for communicating with IBM i
MIT License
43 stars 37 forks source link

Address vulnerabilities in docs packages #382

Closed kadler closed 1 year ago

kadler commented 1 year ago

Certifi version shouldn't matter. In fact most of these shouldn't matter. Perhaps we should just pin the Sphinx package versions?

abmusse commented 1 year ago

Certifi version shouldn't matter. In fact most of these shouldn't matter. Perhaps we should just pin the Sphinx package versions?

I think that would make the most sense.

Could we just pin the specific version of sphinx-js?

From there docs looks like it pulls in the version of Sphinx it needs

See Step 2: https://github.com/mozilla/sphinx-js#setup

kadler commented 1 year ago

I think for now let's just address these vulnerabilities. Later we can decide how we want to handle the docs deps.