search

fontello / svg2ttf

SVG -> TTF font convertor
MIT License
518 stars 79 forks source link

Update xmldom dependency #103

Closed Eusebius1920 closed 3 years ago

Eusebius1920 commented 3 years ago

current entry in package.json:

"xmldom": "~0.1.22"

prevents updating to xmldom >= 0.5 and thus is affected by

https://www.npmjs.com/advisories/1650

ghost commented 3 years ago

+1 upvote for fixing this. Will also allow consumer packages (e.g. webfont) to update to a non-vulnerable version