diff options
author | Sheogorath | 2018-11-21 11:11:47 +0100 |
---|---|---|
committer | Sheogorath | 2018-11-21 11:12:09 +0100 |
commit | 33774c11b989a6a8aa2517e1a83d39c43741fc90 (patch) | |
tree | 5e4ffcd190bf4449af4e4cb9cc71889e44417662 /package.json | |
parent | 2323d203b4fbeff87a2a8be3fc1c5f34c84120d3 (diff) |
Update from to-markdown to turndown
We got a security alert for a regular expression DoS attack on our used
library `to-markdown`.
After checking `to-markdown` to be maintained or not, it turned out they
renamed the library to `turndown`. So upgrading to `turndown` should fix
this vulnerbility.
References:
https://www.npmjs.com/package/to-markdown
https://github.com/domchristie/turndown/wiki/Migrating-from-to-markdown-to-Turndown
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Diffstat (limited to '')
-rw-r--r-- | package.json | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/package.json b/package.json index ee3c3830..3c3f359a 100644 --- a/package.json +++ b/package.json @@ -123,8 +123,8 @@ "store": "^2.0.12", "string": "^3.3.3", "tedious": "^1.14.0", - "to-markdown": "^3.0.3", "toobusy-js": "^0.5.1", + "turndown": "^5.0.1", "uuid": "^3.1.0", "validator": "^10.4.0", "velocity-animate": "^1.4.0", |