Do you have plans to update?
judahtanthony opened this issue · 1 comments
judahtanthony commented
-
I'm submitting a ...
[ ] bug report
[ ] feature request
[X] question about the decisions made in the repository
[ ] question about how to use this project -
Summary
I used your project to kickstart a package I'm building https://github.com/judahtanthony/node-aescrypt, and it seems there are a number of libraries that should be updated (at least one for security reasons). I was wondering if you had plans to update/upgrade, or if you have suggestions of other frameworks to use. -
Other information
$ yarn audit
yarn audit v1.16.0
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ marked │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.6.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ typedoc │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ typedoc > marked │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/812 │
└───────────────┴──────────────────────────────────────────────────────────────┘
1 vulnerabilities found - Packages audited: 5679
Severity: 1 Moderate
✨ Done in 1.32s.bitjson commented
Hey @judahtanthony, I just updated all dependencies and released v2.4.3. Thanks for the issue!