search

SparkPost / heml

HEML is an open source markup language for building responsive email.
https://heml.io
MIT License
4.33k stars 157 forks source link

Fix critical security vulnerabilities #98

Open karlhorky opened 4 years ago

karlhorky commented 4 years ago

Hi there, first of all, thanks for this project! Nice to see work being done in the email ecosystem :)

There are a number of security vulnerabilities in the old dependencies here.

This pull request fixes some of the easier ones (fixed via npm audit fix) and also the critical vulnerability in open.

This is also affecting other projects which depend on heml, such as this one where I have been contributing:

https://github.com/Jinksi/netlify-cms-react-starter/pull/26#issuecomment-580680410

cc @jgzamora @avigoldman @shrirupa @gfriedmansp @nicklemmon

karlhorky commented 4 years ago

cc @jgzamora @avigoldman @shrirupa @gfriedmansp @nicklemmon