You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am receiving a high severity vulnerability caused by the url-regex package.
Failure Information (for bugs)
Here is the NPM vulnerability: https://www.npmjs.com/advisories/1550
There is an alternative package that can (and should) be used instead called url-regex-safe and a new release should be published. favicon-webpack-plugin indirectly depends on url-regex, which is no longer maintained, so jimp is the one that needs to address it unfortunately.
Steps to Reproduce
Run npm audit
Notice the "high" severity vulnerability
Screenshots
N/A
Context
N/A
Jimp Version:
Operating System:
Node version:
Failure Logs
N/A
The text was updated successfully, but these errors were encountered:
Expected Behavior
No npm vulnerabilities in CI/CD.
Current Behavior
I am receiving a high severity vulnerability caused by the url-regex package.
Failure Information (for bugs)
Here is the NPM vulnerability: https://www.npmjs.com/advisories/1550
There is an alternative package that can (and should) be used instead called url-regex-safe and a new release should be published. favicon-webpack-plugin indirectly depends on url-regex, which is no longer maintained, so jimp is the one that needs to address it unfortunately.
Steps to Reproduce
npm audit
Screenshots
N/A
Context
N/A
Failure Logs
N/A
The text was updated successfully, but these errors were encountered: