Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update package loader-utils #58

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

JurgenThijs
Copy link

loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable
It is patched in >=1.4.2

Updated loader-utils version in package.json to 3.2.1

@courtyenn
Copy link

Could this be merged in?

@andy-vanwagoner-jn
Copy link

I could merge this in, but I've been out of the JavaScript ecosystem for several years, so publishing will be a pain since I'll have to go relearn the whole process & dig up credentials.

My recommendation is to fork & create a package you are willing to maintain. I'm considering archiving this repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants