search

namecheap / ilc-sdk

SDK intended for use inside Micro Frontends to conveniently communicate with Isomorphic Layout Composer.
https://namecheap.github.io/ilc-sdk/
Apache License 2.0
6 stars 3 forks source link

Vulnerabilities loader-utils npm #58

Open jthibodeauCrakmedia opened 8 months ago

jthibodeauCrakmedia commented 8 months ago

Their is a vulnerabilitie that is introduce by using package webpack-inject-plugin.

See an alternative solution https://github.com/adierkens/webpack-inject-plugin/issues/66 to remove that vulnerabilite.

jthibodeauCrakmedia commented 8 months ago

A proposed solution https://github.com/namecheap/ilc-sdk/pull/59

Aetherinox commented 6 months ago

Another note for people who cannot live without this plugin for some reason, just update the dependency with the vulnerability. It works fine.

  "overrides": {
    "webpack-inject-plugin": {
      "loader-utils": "^1.4.2"
    }
  }

Probably better to use the banner plugin as it has more control.