Open DaanDL opened 8 months ago
I received a message from or audit stating that there's a vulnerability breach in on of our packages through vuepress/markdown:
@vuepress/markdown:1.9.10 --> @vuepress/shared-utils:1.9.10 --> globby:9.2.0 --> fast-glob:2.2.7 --> glob-parent:3.1.0
Fixes a vulnerability in glob-parent.
Upgrade the globby dependency to the latest version, 13.x, this then has a dependency on a newer version of fast-glob, which uses a newer version of glob-parent.
Yes
Feature request
I received a message from or audit stating that there's a vulnerability breach in on of our packages through vuepress/markdown:
@vuepress/markdown:1.9.10 --> @vuepress/shared-utils:1.9.10 --> globby:9.2.0 --> fast-glob:2.2.7 --> glob-parent:3.1.0
What problem does this feature solve?
Fixes a vulnerability in glob-parent.
How should this be implemented in your opinion?
Upgrade the globby dependency to the latest version, 13.x, this then has a dependency on a newer version of fast-glob, which uses a newer version of glob-parent.
Are you willing to work on this yourself?
Yes