broccolijs / broccoli

Browser compilation library – an asset pipeline for applications that run in the browser
https://broccoli.build
MIT License

Update sane to 5.0.1 to fix unset-value vulnerability #506

Open LucasHill opened 3 months ago

LucasHill commented 3 months ago

There is a vulnerability in the unset-value package. This is being brought in through sane 4.x. All Ember projects depend on broccoli through ember-cli and other packages. Even though the security risks of this vulnerability are admittedly low, it is triggering automated security systems and would be an easy fix if we could release a patch. I do not see any API changes in sane 5.x, but the broccoli tests will not run for me.

mkszepp commented 1 month ago

This PR also fixes a vulnerability in braces v2.x, as sane v4 brings in this outdated version: https://github.com/advisories/GHSA-grv7-fg5c-xmjg