VideoJS plugin that leverages videojs-contrib-quality-levels plugin to offer manual user-select able level selection options for adaptive http streams.
I just got around to making a pull request but was beaten to the punch by @leonklingele
In the process of forking, cloning, NPM installing, and starting to work, I noticed the following from npm audit:
found 321 vulnerabilities (3 low, 2 moderate, 314 high, 2 critical) in 11672 scanned packages
run `npm audit fix` to fix 318 of them.
3 vulnerabilities require manual review. See the full report for details.
Running npm audit fix updates jsdoc from ^3.4.3 to ^3.6.3 and resolves 318 of the issues
The remaining 3 issues are all "low" severity and all derive from the braces sub-dependency (used by both qunitjs and rollup-watch). Since they're both pulling in braces from micromatch, it may make more sense for micromatch to update those? I'm not entirely sure what the process is when a sub-dependency has a security issue like that.
I just got around to making a pull request but was beaten to the punch by @leonklingele
In the process of forking, cloning, NPM installing, and starting to work, I noticed the following from
npm audit
:Running
npm audit fix
updatesjsdoc
from^3.4.3
to^3.6.3
and resolves 318 of the issuesThe remaining 3 issues are all "low" severity and all derive from the
braces
sub-dependency (used by bothqunitjs
androllup-watch
). Since they're both pulling inbraces
frommicromatch
, it may make more sense formicromatch
to update those? I'm not entirely sure what the process is when a sub-dependency has a security issue like that.