stylelint-config-rational-order icon indicating copy to clipboard operation
stylelint-config-rational-order copied to clipboard

Published 20 hours ago verified publisher icon constverum

Update stylelint version to fix vulnerabilities

Open doasync opened this issue 4 years ago • 2 comments 

yarn audit v1.22.4
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint-config-rational-order                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint-config-rational-order > stylelint > meow >         │
│               │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘

doasync avatar Sep 27 '20 15:09 doasync

This lib also has a vulnerability on glob-parent, which can be solved by updating stylelint version.

fsmaia avatar Sep 26 '22 19:09 fsmaia

along with trim and trim-newlines

kamilkazmierczakMtab avatar Oct 06 '22 10:10 kamilkazmierczakMtab