search

jackall3n / postcss-scope

🔭 A small plugin to allow you to scope your css with a custom selector
5 stars 2 forks source link

Remove postcss-scopify dependency #8

Closed gbale closed 8 months ago

gbale commented 8 months ago

Hey, thanks for making this plugin. Dependency postcss-scopify triggers a vulnerability warning, but it doesn't seem to be needed. Could we remove it?

# npm audit report

postcss  <=8.4.30
Severity: moderate
Regular Expression Denial of Service in postcss - https://github.com/advisories/GHSA-566m-qj78-rww5
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
No fix available
node_modules/postcss-scopify/node_modules/postcss
  postcss-scopify  *
  Depends on vulnerable versions of postcss
  node_modules/postcss-scopify
jackall3n commented 8 months ago

@gbale thanks for the PR! Can you run pnpm i to update the lock file and i'll merge