New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade immer to 8.0.1 #4066
Comments
Has there been any movement on this security patch? Are there plans for an update? |
Would like to see this get updated as well. |
Linking to related issue #4050. There are also some discussions regarding the |
@ianstormtaylor How has this not been fixed? This is an RCE issue |
Hello! I am still receiving the vulnerability notice with
|
Any updates on patching slate-history? |
Any Updates on this? |
Any update on this? :) |
Do you want to request a feature or report a bug?
Security patch for dependency
Can the immer package be upgraded to 8.0.1 as per #4050?
The immer project recently fixed a Prototype Pollution vulnerability.
immerjs/immer#738
What's the current behavior?
packages/slate/package.json
packages/slate-history/package.json
both reference "immer": "^7.0.0"
Slate: 0.60.2
Browser: All
OS: All
What's the expected behavior?
packages/slate/package.json
packages/slate-history/package.json
both reference "immer": "^8.0.1"
as per #4050
The text was updated successfully, but these errors were encountered: