You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
Moderate Regular Expression Denial of Service
Package marked
Patched in >=0.6.2
Dependency of esdoc [dev]
Path esdoc > marked
More info https://nodesecurity.io/advisories/812
Moderate Regular Expression Denial of Service
Package marked
Patched in >=0.6.2
Dependency of esdoc-standard-plugin [dev]
Path esdoc-standard-plugin > esdoc-publish-html-plugin > marked
More info https://nodesecurity.io/advisories/812
found 2 moderate severity vulnerabilities in 859520 scanned packages
2 vulnerabilities require manual review. See the full report for details.
The text was updated successfully, but these errors were encountered:
Other than that it seems that all dependencies are locked to a single version which makes deduplication a no-go.
Also, if a vulnerability is found in any other dependency it's impossible to npm audit fix it automatically.
Both esdoc and esdoc-publish-html-plugin depend on 'marked', which has a security warning in the npm audit report.
Please upgrade to >=0.6.2 of marked to resolve this audit failure.
See: https://nodesecurity.io/advisories/812 for more information
npm audit --registry https://registry.npmjs.org
The text was updated successfully, but these errors were encountered: