cibilex
commented
3 weeks ago I cannot use quill-mention because they use different versions.Could you please update the quill version to current one.
Open Jorelia opened 1 month ago
cibilex
commented
3 weeks ago I cannot use quill-mention because they use different versions.Could you please update the quill version to current one.
imhvost
commented
2 weeks ago So what's up, will there be an update or not?
cibilex
commented
2 weeks ago So what's up, will there be an update or not?
nobady knows :)
hannes1337
commented
2 weeks ago is there a hotfix to it?
Jorelia
commented
1 week ago Quill has published a new version. v 2.0.2 and we would like that vueup/vue-quill library follow the movement. We also use the library quill-html-edit-button and this team has updated its library in this commit: fix #72.
Running npm audit shows this message below and we hope with the new version of Quill will close the risk.
quill <=1.3.7 Severity: moderate Cross-site Scripting in quill - https://github.com/advisories/GHSA-4943-9vgg-gr5r
Then, as the previous version of Quill is 1.3.7, passing to 2.0.2 is probably a breaking change for vueup/vue-quill and then we are waiting the update to upgrade our project and close hopefully the risk.
Thank you very much for your understanding.
egeersoz
commented
5 days ago Any updates? We need this ASAP.
Could you please Quill as it has been updated with the version 2.0.2?
+-- @vueup/vue-quill@1.2.0 | +-- quill-delta@4.2.2 | | +-- fast-diff@1.2.0 | | +-- lodash.clonedeep@4.5.0 | | `-- lodash.isequal@4.5.0 | +-- quill@1.3.7 | | +-- clone@2.1.2 | | +-- deep-equal@1.1.1
See also: https://github.com/benwinding/quill-html-edit-button/issues/72
Thank you.