Skip to content

v3.5.3

Latest
Latest

Choose a tag to compare

View all tags
@linyows linyows released this 05 May 07:12
v3.5.3
708210a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

Security

  • Fix npm audit advisories via overrides and bump to v3.5.3 by @linyows in #219
    • Pin uuid to ^14.0.0 to resolve GHSA-w5hq-g745-h8pq (mermaid still depends on uuid@^11)
    • Pin postcss to ^8.5.10 in next-based projects (website/, examples/nextjs-pagerouter, examples/nextjs-approuter) to resolve GHSA-qx2v-qp2m-jg93 (next pins postcss@8.4.31 in its CSS pipeline)
    • rotion does not bundle its dependencies, so this override only hardens the repo's own audit. Consumers of rotion still rely on the upstream mermaid fix because npm overrides are not transitive

Full Changelog: v3.5.2...v3.5.3

Contributors

linyows
Assets 2
Loading