Closed known-as-bmf closed 4 years ago
rollup-plugin-terser v5.x has a dependency on serialize-javascript 2.x. This version of serialize-javascript includes an high severity security issue.
rollup-plugin-terser
serialize-javascript
No security issue.
Bump rollup-plugin-terser dependency to at least ^6.0.0.
^6.0.0
N/A
TSDX 0.13.2
Duplicate of https://github.com/formium/tsdx/pull/731#issuecomment-672246494
agilgur5
commented
4 years ago agilgur5
commented
4 years ago
Current Behavior
rollup-plugin-terserv5.x has a dependency onserialize-javascript2.x. This version ofserialize-javascriptincludes an high severity security issue.Expected behavior
No security issue.
Suggested solution(s)
Bump
rollup-plugin-terserdependency to at least^6.0.0.Additional context
N/A
Your environment
TSDX 0.13.2