nondracek
PD🧩 Plasmo Developers
•Created by nondracek on 5/7/2024 in #👟framework
Parcel version outdated
Plasmo's parcel version is outdated and has high vulnerability. Current version is set to 2.9.3, but this uses an outdated msgpackr version.
Is there any plan to fix this? Unfortunately this is a large security concern and blocks our use.
Github scanner advisory:
https://github.com/advisories/GHSA-7hpj-7hhx-2fgx
I do see a PR that has been untouched for 6 months in the repo:
https://github.com/PlasmoHQ/plasmo/pull/813
2 replies