transmute-industries / sidetree.js

Sidetree Core Protocol and DID Method Drivers
https://identity.foundation/sidetree/spec/
Apache License 2.0

Feature/ei 566 update sidetree dot js packages to latest versions #534

Closed dimgord closed 1 year ago

dimgord commented 1 year ago

For packages/core we still have this after yarn audit:

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate      │ Misinterpretation of malicious XML input                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ xmldom                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=0.7.0                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @transmute/did-key-ed25519                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @transmute/did-key-ed25519 > @transmute/did-key-common >     │
│               │ @did-core/did-ld-json > jsonld-checker > jsonld > xmldom     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1089556                     │
└───────────────┴──────────────────────────────────────────────────────────────┘

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ critical      │ xmldom allows multiple root nodes in a DOM                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ xmldom                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ No patch available                                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @transmute/did-key-ed25519                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @transmute/did-key-ed25519 > @transmute/did-key-common >     │
│               │ @did-core/did-ld-json > jsonld-checker > jsonld > xmldom     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1090179                     │
└───────────────┴──────────────────────────────────────────────────────────────┘

I couldn't put "xmldom": "^0.7.0" in resolutions, don't know why :/. And one issue still doesn't have a patch.

OR13 commented 1 year ago

This PR replaces a lot of package names. If the intention is to host those packages in this repo moving forward, I think we probably should have a longer form chat.

Are you in DIF slack?

dimgord commented 1 year ago

Sorry, submitted to the wrong repo...