A dependency of rdf-parser-rdfa, green-turtle exports a tests directory which contains code that uses log4j 1.2. While dokieli never runs this code, in this PR, out of an abundance of caution, I am using an override pointing to fork of green-turtle which excludes the tests directory so that potentially vulnerable code is not pulled into the node_modules.
A dependency of
rdf-parser-rdfa
,green-turtle
exports atests
directory which contains code that uses log4j 1.2. While dokieli never runs this code, in this PR, out of an abundance of caution, I am using an override pointing to fork ofgreen-turtle
which excludes thetests
directory so that potentially vulnerable code is not pulled into the node_modules.