Closed mpicard closed 1 year ago
There are a few formatting issues and a missing --help line so I had to update a testa and I had to disable linting for a few lines
See https://github.com/remarkjs/remark/issues/710 and https://github.com/remarkjs/remark/issues/782#issuecomment-882064955. It’s not a security vulnerability. It’s a potential slowdown. In an unsupported package. You might want to update your dependencies when possible though!
Duplicate of #710
Hi! This was closed. Team: If this was merged, please describe when this is likely to be released. Otherwise, please add one of the no/*
labels.
Hi! Thanks for taking the time to contribute!
Because we treat pull requests as our backlog, we close duplicates to focus our work and not have to touch the same chunk of code for the same reason multiple times. This is also why we may mark something as duplicate that isn’t an exact duplicate but is closely related.
Thanks, — bb
Hi team! It seems this post is a duplicate, but hasn’t been marked as such. Please post a comment w/ Duplicate of #123
(no final .
) to do so. See GH docs for more info.
Thanks, — bb
Update trim to v1.0.1
https://github.com/advisories/GHSA-w5p7-h5w8-2hfq
Initial checklist
Description of changes
I would like to propose a patch to v8 of remark-parse, unfortunately there are no separate branches so I am unsure how to proceed but I will base
main
for now and hope that a maintainer can provide a way to release a patch for v8.This patch simply updates
trim
from 0.0.1 with known CVE-2020-7753 to 1.0.1.This obviously cannot be merged into
main
but I will open a PR anyways because this issue could be easily fixed with a patch.npm test
passes