You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks, reading the advisory it says Users that only compile trusted code are not impacted. and since users use depcheck to check their own code I guess this doesn't really impact our users. Would be nice to update though
Bug Description
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code
Code snippets
Where the dependency is used:
src/special/gulp-load-plugins.js
Where the dependency is listed in package.json:
dependencies
Versions
node -v
: 18.17.0npm -v
: 9.6.7depcheck --version
: 1.4.6Extra info
GitHub Advisory Database
The text was updated successfully, but these errors were encountered: