Regular expression denial of service in scss-tokenizer #18055
Assignees
Labels
CMS Team
CMS Product team that manages both editor exp and devops
content-build
Defect
Something isn't working (issue type)
Comments
edmund-dunn
added
Defect
|
Currently, I believe the node-sass package requires sass-graph, which requires scss-tokenizer. So I believe we need to update the dependency of the tokenizer and graph within node-sass. |
|
this PR was merged and the work here should be good to go @gracekretschmer-metrostar |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
This is partly a discovery ticket. If you find this is blocked because of version issues, especially with node please annotate that in the Confluence page and here in the ticket.
One other package sass-graph depends on an early version of this. Worst case is that two packages need to be upgraded, so this shouldn’t be too difficult.
Acceptance Criteria
The text was updated successfully, but these errors were encountered: