Open flect-hiromasa-obayashi opened 3 years ago
1.8.2
Remediation Upgrade ssri to version 8.0.1 or later. For example:
ssri@^8.0.1: version "8.0.1"
Detail CVE-2021-27290
Remediation Upgrade is-svg to version 4.2.2 or later. For example:
is-svg@^4.2.2: version "4.2.2"
Detail CVE-2021-28092
Remediation Upgrade node-fetch to version 2.6.1 or later. For example:
node-fetch@^2.6.1: version "2.6.1"
Detail GHSA-w7rc-rwvf-8q5r
This list of dependabot alerts continues to grow...can we get some ack on this issue? Or should we be planning to just move to the next major release?
Feature request
VuePress version
1.8.2
What problem does this feature solve?
ssl
Remediation Upgrade ssri to version 8.0.1 or later. For example:
Detail CVE-2021-27290
is-svg
Remediation Upgrade is-svg to version 4.2.2 or later. For example:
Detail CVE-2021-28092
node-fetch
Remediation Upgrade node-fetch to version 2.6.1 or later. For example:
Detail GHSA-w7rc-rwvf-8q5r