This repository was archived by the owner on May 15, 2025. It is now read-only.

Npm audit security report shows marked library security vulnerability #101

@jarrodek


The result of running the npm audit command on any of hundreds of my components:

                       === npm audit security report ===                        
                                                                                
┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ marked                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=0.6.2                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @polymer/iron-component-page [dev]                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @polymer/iron-component-page > @polymer/iron-doc-viewer >    │
│               │ @polymer/marked-element > marked                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/812                             │
└───────────────┴──────────────────────────────────────────────────────────────┘

I also use this element directly, not only through iron-component-page.

I tried to fork the repo and upgrade the version, but the tests fail. I am not sure what the intention was, so I will leave it up to you to fix this. I hope it can be fixed, as my security team will definitely notice alerts very soon :)
