css-validator icon indicating copy to clipboard operation
css-validator copied to clipboard

Published 20 hours ago verified publisher icon twolfson

NPM Vulnerabilities

Open dr3 opened this issue 6 years ago • 2 comments

Describe the bug Package has a lot of vulnerabilities

To Reproduce Steps to reproduce the behavior:

  1. Run npm audit
  2. See error
found 47 vulnerabilities (15 low, 16 moderate, 15 high, 1 critical)

Expected behavior Has no vulnerabilities

Additional context Just adding this issue as a reference, this package would be great to use in our project but will need to fix vulnerabilities first. Hopefully I can find time to submit a PR :)

dr3 avatar Jun 30 '19 18:06 dr3

A quick glance over the vulnerabilities seems to be that all of them are for our devDependencies which is why they haven't been prioritized. Happy to accept a PR for their upgrades though =)

twolfson avatar Jun 30 '19 22:06 twolfson

Yeah, when you install the only prod vulnerability is moderate from form-data although it appears it wont be a clean version bump https://github.com/twolfson/css-validator/issues/10

dr3 avatar Jun 30 '19 22:06 dr3