search

unplugin / unplugin-vue-components

📲 On-demand components auto importing for Vue
https://www.npmjs.com/package/unplugin-vue-components
MIT License
3.65k stars 341 forks source link

chor: bump version braces to 3.0.3 #769

Closed airene closed 3 weeks ago

airene commented 3 weeks ago

https://github.com/advisories/GHSA-grv7-fg5c-xmjg braces有一个安全问题,发现是chokidar依赖了此包,我也在chokidar提交pull request,在chokidar发版之前应该把braces拿出来当显示依赖,达到升级到安全版本的目的

stackblitz[bot] commented 3 weeks ago

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.