While doing an audit at Algolia (we are using console-feed in our Crawler UI)
@EgiX reported a Low vuln on our links, turns out it was coming from your package. Took the opportunity to do the fix directly here.
Allow passing linkify.js options from root to ObjectTree
Add @types/linkify
Add unit test with and without options passed
Set NodeJs version to minimum 10.13.0 (below seems to not work)
While doing an audit at Algolia (we are using console-feed in our Crawler UI) @EgiX reported a Low vuln on our links, turns out it was coming from your package. Took the opportunity to do the fix directly here.
linkify.jsoptions from root to ObjectTree@types/linkifyI'll suggest adding
{ rel: "noopener" }or{ rel: "noreferrer" }by default to avoid this surface of attack https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html#tabnabbing Actually I'm surprised it was never reported to/from CodeSandbox as it a predominant user of this package.