New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependencies have vulnerabilities #686
Comments
Thanks for noting this! I've just updated a lot of dependencies in #687. There's still one vulnerability listed for cheerio, which is both a critical piece of this project and one that is very hard to touch, in my experience. We have plans to come back to deal with cheerio soon. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Expected Behavior
No vulnerabilities reported by npm audit / yarn audit.
Current Behavior
Audit reports a bunch of vulnerabilities in dependencies of mercury-parser:
Steps to Reproduce
Detailed Description
I'm trying to keep our software free of vulnerabilities in order to reduce security risks for customers. It is good practice in my mind to update dependencies regularly to avoid any such issues.
Possible Solution
Would be great if these dependencies could be updated or replaced with others where necessary.
The text was updated successfully, but these errors were encountered: