search

kangax / html-minifier

Javascript-based HTML compressor/minifier (with Node.js support)
http://kangax.github.io/html-minifier/
MIT License
4.94k stars 571 forks source link

chore: update dependencies #1153

Open j9t opened 5 months ago

j9t commented 5 months ago

Bumped dependencies by some simple npm audit fix. Though according to npm, this fixed 12 of 15 vulnerabilities, 3 persist; left it there for this update.

j9t commented 5 months ago

Btw, when testing, I ran into some issues with ESLint. If not already in progress or pointed out elsewhere, should be worth looking into. html-minifier is using a now deprecated way of configuring ESLint; still, the current issues may be treatable by adding and adjusting

"parserOptions": {
  "ecmaVersion": "latest"
},

in the config.)

GintasS commented 5 days ago

Hi there. Thank you for your work. Do you think your PR fixes this CVE?

https://www.mend.io/vulnerability-database/CVE-2022-37620