markdown2confluence icon indicating copy to clipboard operation
markdown2confluence copied to clipboard
verified publisher icon chunpu

NPM audit reported vulnerabilities

Open mboughaba opened this issue 6 years ago • 1 comments

Dear,

Some of the dependencies are outdated. Would it be possible to upgrade them to solve npm audit?

Low             Incorrect Handling of Non-Boolean Comparisons During
                  Minification

  Package         uglify-js

  Patched in      >= 2.4.24

  Dependency of   markdown2confluence [dev]

  Path            markdown2confluence > jade > transformers > uglify-js

  More info       https://npmjs.com/advisories/39


  Low             Regular Expression Denial of Service

  Package         uglify-js

  Patched in      >=2.6.0

  Dependency of   markdown2confluence [dev]

  Path            markdown2confluence > jade > transformers > uglify-js

  More info       https://npmjs.com/advisories/48


  Moderate        Regular Expression Denial of Service

  Package         marked

  Patched in      >=0.6.2

  Dependency of   markdown2confluence [dev]

  Path            markdown2confluence > marked

  More info       https://npmjs.com/advisories/812


  Low             Regular Expression Denial of Service

  Package         braces

  Patched in      >=2.3.1

  Dependency of   markdown2confluence [dev]

  Path            markdown2confluence > webpack > watchpack > chokidar >
                  anymatch > micromatch > braces

  More info       https://npmjs.com/advisories/786


  Low             Regular Expression Denial of Service

  Package         clean-css

  Patched in      >=4.1.11

  Dependency of   markdown2confluence [dev]

  Path            markdown2confluence > jade > clean-css

  More info       https://npmjs.com/advisories/785

Cheers, Mo

mboughaba avatar Apr 20 '19 06:04 mboughaba

I think this project is not supported anymore, consider using an alternative like this

Shogobg avatar Oct 14 '20 08:10 Shogobg