You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
npm audit reports a vulnerability in a dependency of the metaparser library:
High Denial of Service
Package css-what
Patched in >=5.0.1
Dependency of cli-real-favicon [dev]
Path cli-real-favicon > rfg-api > metaparser > cheerio >
css-select > css-what
More info https://npmjs.com/advisories/1754
The latest release of metaparser uses the latest release of cheerio (v0.22), which uses an outdated version of css-select, which uses the vulnerable version of css-what. I don't think this issue has much impact, but it would be good to fix it nonetheless.
The metaparser package has its latest release 6 years ago and unfortunately the link to source returns a 404:
npm auditreports a vulnerability in a dependency of themetaparserlibrary:The latest release of
metaparseruses the latest release ofcheerio(v0.22), which uses an outdated version ofcss-select, which uses the vulnerable version ofcss-what. I don't think this issue has much impact, but it would be good to fix it nonetheless.The
metaparserpackage has its latest release 6 years ago and unfortunately the link to source returns a 404:Perhaps the best course of action is to find an alternative for
metaparserand replace it?The text was updated successfully, but these errors were encountered: