Closed Gildedter closed 1 year ago
Running pnpm audit results in:
pnpm audit
semver vulnerable to Regular Expression Denial of Service Vulnerable versions <7.5.2 Patched versions >=7.5.2 Paths: - pdfjs-dist@3.8.162 > canvas@2.11.2 > @mapbox/node-pre-gyp@1.0.10 > make-dir@3.1.0 > semver@6.3.0 - svelte-pdf@1.0.19 > pdfjs-dist@3.8.162 > canvas@2.11.2 > @mapbox/node-pre-gyp@1.0.10 > make-dir@3.1.0 > semver@6.3.0 More info https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
I saw #56 b61420e0990abe2fc32be21a7dfbb1d90ba76e60, but wasn't sure if that would fix the warning, I haven't checked the source code...
Edit: pdfjs-dist's optional dependency canvas was the root cause, so I'm closing this
pdfjs-dist
Running
pnpm audit
results in:I saw #56 b61420e0990abe2fc32be21a7dfbb1d90ba76e60, but wasn't sure if that would fix the warning, I haven't checked the source code...
Edit:
pdfjs-dist
's optional dependency canvas was the root cause, so I'm closing this