search

TrySound / rollup-plugin-uglify

Rollup plugin to minify generated bundle
MIT License
260 stars 42 forks source link

Upgrade to minimum version 3.1.0 for serialize-javascript dependency #84

Open nidraper opened 4 years ago

nidraper commented 4 years ago

Serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js".