Comments (3)
is this project still maintained?
This is the state of an open source project that I promised myself that I would never let any of my projects reach, and yet I have. After finding game development I have definitely let my web-based open source projects fall behind. I aim to do better.
On that note, I plan on going through all of my open source projects, starting with doxdox and doxdox plugins, and updating all dependencies to make sure there no avoidable vulnerabilities.
Thank you for the issue and for using doxdox.
from doxdox.
Any news on this?
doxdox 3.0.0 is affected by multiple vulnerabilites:
- https://www.npmjs.com/advisories/1065
- https://www.npmjs.com/advisories/782
- https://www.npmjs.com/advisories/577
- https://www.npmjs.com/advisories/1164
- https://www.npmjs.com/advisories/755
One part of the problem is that you use fixed version constraints instead of something like "handlebars": "^4.1.0"
, so users don't get security updates.
from doxdox.
The latest preview release ( v4.0.0-preview.1 ) of doxdox has resolved the above security issues.
from doxdox.
Related Issues (20)
- Code highlight doesn't work in Bootstrap or Dash output (v4.0.0-preview.1)
- Add missing search input back into Bootstrap output (v4.0.0-preview.1) HOT 1
- Multiple input don't work with CLI (v4.0.0-preview.1)
- v4.0.0-preview
- Windows Execution Policies
- Windows: node_modules directory was not found HOT 1
- Use new ignoreFiles option in globby
- Package name and description are undefined HOT 1
- Switch from a user defined temp directory to using the os temp directory
- Remove rm and cp commands from npm targets for Windows dev support
- doxdox.org is down HOT 4
- UnhandledPromiseRejectionWarning: Error: node_modules directory was not found HOT 1
- Incoherent dependencies HOT 1
- static getters are ignored HOT 1
- Windows RegEx Support HOT 2
- [feature] Windows support HOT 2
- Create option to not show private methods HOT 3
- Not supported enumeration (type union) HOT 1
- Website is down HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from doxdox.