We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hey guys, we've had a security warning regarding xmldom in https://github.com/owncloud/ocis - see https://nvd.nist.gov/vuln/detail/CVE-2022-39299
xmldom
The outdated xmldom package comes from the cldr version you declared as a dependency in your package.json, see https://github.com/Kopano-dev/kpop/blob/master/package.json#L26
cldr
However, I can't find any use of cldr in your code base. Even the commit that introduced it doesn't seem to reference the package in any way.
Is it safe to remove the cldr dependency from kpop? In that case I'd happily make a pull request.
kpop
The text was updated successfully, but these errors were encountered:
e7fc0d4
No branches or pull requests
Hey guys, we've had a security warning regarding
xmldom
in https://github.com/owncloud/ocis - see https://nvd.nist.gov/vuln/detail/CVE-2022-39299The outdated
xmldom
package comes from thecldr
version you declared as a dependency in your package.json, see https://github.com/Kopano-dev/kpop/blob/master/package.json#L26However, I can't find any use of
cldr
in your code base. Even the commit that introduced it doesn't seem to reference the package in any way.Is it safe to remove the
cldr
dependency fromkpop
? In that case I'd happily make a pull request.The text was updated successfully, but these errors were encountered: