Skip to content

Commit 2857042

Browse files
tanemtanem
committed
Fix npm audit vulnerabilities
Update @rollup/plugin-terser from 0.4.4 to 1.0.0 to resolve serialize-javascript RCE vulnerability (high). Bump transitive dependencies ajv to 6.14.0 (moderate ReDoS) and minimatch to 3.1.5/9.0.9 (high ReDoS) via npm audit fix.
1 parent f46de18 commit 2857042

2 files changed

Lines changed: 22 additions & 53 deletions

File tree

package-lock.json

Lines changed: 21 additions & 52 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,7 @@
8282
"@rollup/plugin-commonjs": "29.0.0",
8383
"@rollup/plugin-node-resolve": "16.0.3",
8484
"@rollup/plugin-replace": "6.0.3",
85-
"@rollup/plugin-terser": "0.4.4",
85+
"@rollup/plugin-terser": "1.0.0",
8686
"@testing-library/react": "16.3.2",
8787
"@types/hoist-non-react-statics": "3.3.7",
8888
"@types/jest": "30.0.0",

0 commit comments

Comments
 (0)