Closed titch-ane closed 3 years ago
I am also seeing a vulnerability with the FBJS version. Was wondering about a different solution. Given that the FBJS library is only being used for canUseDom and also given the relative simplicity of the method, can it be put into the library and remove the dependency from FBJS?
This is the canUseDom check from the library
const canUseDOM = !!( typeof window !== 'undefined' && window.document && window.document.createElement );
Thanks @McGern I've just dropped this in rather than including that library
as you can see, fbjs 1.0.0 (Sep 18, 2018) related to core-js 2, but fbjs v2.0.0 (Sep 23, 2019) released. maybe it's time to update the dependencies?