A known security vulnerabilities in your dependencies. #2919
Comments
|
Thanks for point this out. We don't think this vulnerability applies to Hexo, unless using it as a server. |
JLHwung
added a commit
that referenced
this issue
Jan 7, 2018
2 tasks
thom4parisot
pushed a commit
to thom4parisot/hexo
that referenced
this issue
Jan 17, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Environment Info
Node version(
node -v):v9.2.0
Hexo and Plugin version(
npm ls --depth 0):├── emoji@0.3.2
├── hexo@3.4.3
├── hexo-admin@2.3.0
├── hexo-blog-encrypt@1.1.12
├── hexo-deployer-git@0.3.1
├── hexo-filter-sequence@1.0.3
├── hexo-fs@0.2.2
├── hexo-generator-archive@0.1.5
├── hexo-generator-category@0.1.3
├── hexo-generator-index@0.2.1
├── hexo-generator-restful@0.2.1
├── hexo-generator-tag@0.2.0
├── hexo-lazyload-image@1.0.2
├── hexo-renderer-markdown-it@3.4.1
├── hexo-renderer-stylus@0.3.3
├── hexo-server@0.2.2
└── markdown-it-emoji@1.4.0
For BUG
package-lock.jsonto the dependency.For question
hexo(3.4.3) --> swig(1.4.2) --> uglify-js(2.4.24)
For feature request
The text was updated successfully, but these errors were encountered: