search

bkeepers / parse-reminder

a node module to parse natural language reminders into who, what, and when
ISC License
22 stars 7 forks source link

Security Vulnerability #17

Open stdavis opened 4 months ago

stdavis commented 4 months ago

I recently ran npm audit on one of my projects that uses this project as a dependency and got the following report:

# npm audit report

chrono-node  <2.2.4
Severity: high
Denial of service in chrono-node - https://github.com/advisories/GHSA-hpmr-g4pq-jhgp
No fix available
node_modules/chrono-node
  parse-reminder  *
  Depends on vulnerable versions of chrono-node
  node_modules/parse-reminder

Is this project still maintained? If so, I'd be happy to work on a PR to get this addressed. Thanks!

bkeepers commented 4 months ago

Hey @stdavis, a pull request would be appreciated. Thanks!