-
-
Notifications
You must be signed in to change notification settings - Fork 281
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security patch for version 5 fixing serialize-javascript npm audit #520
Comments
Why do not update copy-webpack-plugin? |
I don't know, it was just an idea, because there are some breaking changes, it is maybe not an easy upgrade. |
I am in a similar spot. Trying to find out if we can jump from 5.1.1 to the latest semver to remove this security warning. Is the update across versions seamless? |
@BryceV you need to read changelog, there are many breaking changes |
Also a good idea: We can close this issue then I guess. It is not as clean than having a small security release for version 5 of "copy-webpack-plugin" though. |
Update with release v5.1.2, thanks @evilebottnawi! |
Feature Proposal
Provide a security dependency patch for version 5 to fix the serialize-javascript issue.
e.g. 5.1.2
Just an idea, if you want that vue-cli do upgrade to version 6 then the fix in in vue-cli will take probably longer.
Feature Use Case
vuejs/vue-cli#5789
vuejs/vue-cli#5782
The text was updated successfully, but these errors were encountered: