mdx-js
Is v1 desupported? #2150
Answered
by
ChristianMurphy
LunaticMuch
asked this question in
Q&A
Is v1 desupported?
#2150
-
|
It might be I did not find it, but is the v1 desupported? Many libraries still use v1 and I've found a security issue with An update to [email protected] should quickly solve the trouble. |
Beta Was this translation helpful? Give feedback.
Answered by
ChristianMurphy
Oct 10, 2022
Replies: 1 comment
-
|
Please see any of the many times this question has been asked https://github.com/mdx-js/mdx/issues?q=is%3Aissue+trim+is%3Aclosed+vulnerable and discussed https://github.com/mdx-js/mdx/discussions?discussions_q=trim+security To reiterate:
|
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
ChristianMurphy
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Please see any of the many times this question has been asked https://github.com/mdx-js/mdx/issues?q=is%3Aissue+trim+is%3Aclosed+vulnerable and discussed https://github.com/mdx-js/mdx/discussions?discussions_q=trim+security
To reiterate:
https://overreacted.io/npm-audit-broken-by-design provides some additional insights into why
npm auditandsnyk, while useful, can also be broken for packages like react and mdx, flagging non-issues.trimas a dependency