Open Joolyan opened 1 year ago
@Joolyan what versions of nodejs
and npm
are you using?
node v18.16.0 npm v9.5.1
Does not affect many dependencies. Needs to be corrected after the update. If you have the time and opportunity, I will gladly accept from you PR.
Installing the latest version (0.10.0) on macOS 11.7.7 generates the following issue...
got <11.8.5 Severity: moderate Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97 fix available via
npm audit fix --force
Will install posthtml-cli@0.7.7, which is a breaking change node_modules/got package-json <=6.5.0 Depends on vulnerable versions of got node_modules/package-json latest-version 0.2.0 - 5.1.0 Depends on vulnerable versions of package-json node_modules/latest-version update-notifier 0.2.0 - 5.1.0 Depends on vulnerable versions of latest-version node_modules/update-notifier posthtml-cli >=0.8.0 Depends on vulnerable versions of update-notifier node_modules/posthtml-cliInstalling the latest version of got didn't resolve the vulnerabilities, but all okay using posthtml-cli@0.7.7
Any ideas as to what I've done wrong?