Skip to content

Npm audit failure due to word-wrap dependency of escodegen fork #1179

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
paulcdejean opened this issue Jul 1, 2023 · 1 comment · May be fixed by javascript-obfuscator/escodegen#7
Open

Npm audit failure due to word-wrap dependency of escodegen fork #1179

paulcdejean opened this issue Jul 1, 2023 · 1 comment · May be fixed by javascript-obfuscator/escodegen#7

Comments

@paulcdejean
Copy link 


word-wrap  *
Severity: moderate
word-wrap vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-j8xg-fqg3-53r7
fix available via `npm audit fix`
node_modules/word-wrap
  optionator  0.8.3 - 0.9.1
  Depends on vulnerable versions of word-wrap
  node_modules/@javascript-obfuscator/escodegen/node_modules/optionator```
@paulcdejean paulcdejean linked a pull request Jul 1, 2023 that will close this issue
Open
@paulcdejean
Copy link
Author

Alternatively things can be backported from upstream but that's a lot more work than the ver bump.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update optionator version paulcdejean/escodegen
1 participant
@paulcdejean