Upgrade chokidar to 4.x

Open yeikel opened this issue 7 months ago • 0 comments

The project currently relies on an unsupported version of chokidar:

https://github.com/Redocly/redocly-cli/blob/85f12d6dd9198801634ac10e4b23d60c5238ca46/packages/cli/package.json#L50

This introduces transitive insecure dependencies, including CVE-2024-4068.

Upgrading to chokidar v4 should be considered to address these issues.

└─┬ @redocly/[email protected]
  └─┬ [email protected]
    └── [email protected]

Additional context: https://github.com/paulmillr/chokidar/issues/1428

yeikel, May 30 '25 16:05