vuepress @vuepress/shared-utils: migrate to newer version of globby

@vuepress/shared-utils: migrate to newer version of globby

Open DaanDL opened this issue 2 years ago • 1 comments

Feature request

I received a message from or audit stating that there's a vulnerability breach in on of our packages through vuepress/markdown:

@vuepress/markdown:1.9.10 --> @vuepress/shared-utils:1.9.10 --> globby:9.2.0 --> fast-glob:2.2.7 --> glob-parent:3.1.0

What problem does this feature solve?

Fixes a vulnerability in glob-parent.

How should this be implemented in your opinion?

Upgrade the globby dependency to the latest version, 13.x, this then has a dependency on a newer version of fast-glob, which uses a newer version of glob-parent.

Are you willing to work on this yourself?

Yes

Oct 26 '23 07:10 DaanDL

vuepress vuepress copied to clipboard

@vuepress/shared-utils: migrate to newer version of globby

Feature request

What problem does this feature solve?

How should this be implemented in your opinion?

Are you willing to work on this yourself?

vuepress
vuepress copied to clipboard