Closed angelaman closed 3 years ago
Hi guys,
I read here, highlight.js versions prior 10.4.1 are all vulnerable to potential ReDOS attacks. markdown-it-highlightjs currently depends on version 10.2.0. Can you update it to version 10.4.1 instead? Thanks!
10.2.0
We depend on ^10.2.0 which means a npm upgrade will allow you to use further semver-compatible versions like 10.4.1 :)
^10.2.0
npm upgrade
Hi guys,
I read here, highlight.js versions prior 10.4.1 are all vulnerable to potential ReDOS attacks. markdown-it-highlightjs currently depends on version
10.2.0
. Can you update it to version 10.4.1 instead? Thanks!