posthtml / posthtml-cli

CLI for PostHTML
MIT License

Newer versions after v0.7.7 causing npm moderate severity vulnerabilities #341

Open Joolyan opened 1 year ago

Joolyan commented 1 year ago

Installing the latest version (0.10.0) on macOS 11.7.7 generates the following issue...

got  <11.8.5
Severity: moderate
Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97
fix available via `npm audit fix --force`
Will install posthtml-cli@0.7.7, which is a breaking change
node_modules/got
  package-json  <=6.5.0
    Depends on vulnerable versions of got
    node_modules/package-json
      latest-version  0.2.0 - 5.1.0
        Depends on vulnerable versions of package-json
        node_modules/latest-version
          update-notifier  0.2.0 - 5.1.0
            Depends on vulnerable versions of latest-version
            node_modules/update-notifier
              posthtml-cli  >=0.8.0
                Depends on vulnerable versions of update-notifier
                node_modules/posthtml-cli

Installing the latest version of got didn't resolve the vulnerabilities, but all okay using posthtml-cli@0.7.7

Any ideas as to what I've done wrong?
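The audit tree in the report above, walked programmatically from the package that carries the advisory (got) up to the direct dependency that pulls it in (posthtml-cli). This is an added example, not code from the posthtml-cli project or from the issue; it assumes the shape of `npm audit --json` output (auditReportVersion 2, with `via`, `effects`, `isDirect` and `fixAvailable` fields) and runs on a hand-built report that mirrors the issue's output rather than on a captured one.

```javascript
// Added example: walk an `npm audit --json` (auditReportVersion 2) report from
// the advisory-bearing package up to the direct dependency that depends on it,
// and list what `npm audit fix --force` would actually change.
// The report below is constructed by hand from the tree printed in the issue;
// it is not captured from a real run, and advisory `source` ids are omitted.
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    got: {
      name: "got", severity: "moderate", isDirect: false,
      via: [{
        name: "got",
        title: "Got allows a redirect to a UNIX socket",
        url: "https://github.com/advisories/GHSA-pfrx-2q88-qq97",
        severity: "moderate",
        range: "<11.8.5",
      }],
      effects: ["package-json"], range: "<11.8.5", nodes: ["node_modules/got"],
      fixAvailable: { name: "posthtml-cli", version: "0.7.7", isSemVerMajor: true },
    },
    "package-json": {
      name: "package-json", severity: "moderate", isDirect: false,
      via: ["got"], effects: ["latest-version"], range: "<=6.5.0",
      nodes: ["node_modules/package-json"],
      fixAvailable: { name: "posthtml-cli", version: "0.7.7", isSemVerMajor: true },
    },
    "latest-version": {
      name: "latest-version", severity: "moderate", isDirect: false,
      via: ["package-json"], effects: ["update-notifier"], range: "0.2.0 - 5.1.0",
      nodes: ["node_modules/latest-version"],
      fixAvailable: { name: "posthtml-cli", version: "0.7.7", isSemVerMajor: true },
    },
    "update-notifier": {
      name: "update-notifier", severity: "moderate", isDirect: false,
      via: ["latest-version"], effects: ["posthtml-cli"], range: "0.2.0 - 5.1.0",
      nodes: ["node_modules/update-notifier"],
      fixAvailable: { name: "posthtml-cli", version: "0.7.7", isSemVerMajor: true },
    },
    "posthtml-cli": {
      name: "posthtml-cli", severity: "moderate", isDirect: true,
      via: ["update-notifier"], effects: [], range: ">=0.8.0",
      nodes: ["node_modules/posthtml-cli"],
      fixAvailable: { name: "posthtml-cli", version: "0.7.7", isSemVerMajor: true },
    },
  },
};

// A `via` entry is either an advisory object or a string naming another
// vulnerable package this one depends on. Roots carry an advisory themselves.
function advisoryRoots(report) {
  return Object.values(report.vulnerabilities)
    .filter((v) => v.via.some((x) => typeof x === "object"));
}

// Follow `effects` (packages that depend on vulnerable versions of this one)
// until a direct dependency is reached. Returns every chain as an array of
// package names; `seen` guards against cycles in the dependency graph.
function chainsToDirectDeps(report, name, seen = new Set()) {
  const v = report.vulnerabilities[name];
  if (!v || seen.has(name)) return [];
  const next = new Set(seen).add(name);
  if (v.isDirect || v.effects.length === 0) return [[name]];
  return v.effects.flatMap((dep) =>
    chainsToDirectDeps(report, dep, next).map((rest) => [name, ...rest]));
}

// Render a chain with each package's vulnerable range, as npm audit prints it.
function describeChain(report, chain) {
  return chain.map((n) => {
    const v = report.vulnerabilities[n];
    return `${n} ${v.range}${v.isDirect ? " (direct)" : ""}`;
  }).join(" -> ");
}

// Fixes npm marks as semver-major for the advisory roots. `fixAvailable` may be
// true, false, or an object; only objects with isSemVerMajor need --force, and
// --force applies exactly the listed version (here a downgrade of posthtml-cli).
function breakingFixes(report) {
  const out = new Map();
  for (const root of advisoryRoots(report)) {
    const fix = root.fixAvailable;
    if (fix && typeof fix === "object" && fix.isSemVerMajor) out.set(fix.name, fix.version);
  }
  return [...out].map(([name, version]) => `${name}@${version}`);
}

// One line per advisory and chain, plus what --force would install.
function summarize(report) {
  const lines = [];
  for (const root of advisoryRoots(report)) {
    for (const adv of root.via.filter((x) => typeof x === "object")) {
      for (const chain of chainsToDirectDeps(report, root.name)) {
        lines.push(`[${adv.severity}] ${adv.url}: ${describeChain(report, chain)}`);
      }
    }
  }
  for (const fix of breakingFixes(report)) lines.push(`--force would install ${fix}`);
  return lines;
}

console.log(summarize(sampleReport).join("\n"));
```

To use it on a real project, run `npm audit --json > audit.json` and pass `JSON.parse` of that file to `summarize`. The chain makes the reporter's observation explicit: the advisory is on the copy of got that package-json (range <=6.5.0) depends on, so adding a newer got as a direct dependency of your own project does not change which got that nested dependent resolves to, and the only fix npm offers is the semver-major downgrade of posthtml-cli to 0.7.7, which is exactly what `npm audit fix --force` would apply.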

Scrum commented 1 year ago

@Joolyan what versions of nodejs and npm are you using?

Joolyan commented 1 year ago

node v18.16.0 npm v9.5.1

Scrum commented 1 year ago

Does not affect many dependencies. Needs to be corrected after the update. If you have the time and opportunity, I will gladly accept a PR from you.