Skip to content

chore: update nanoid to 5.0.9 to resolve warnings of CVE-2024-55565 #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore: update nanoid to 5.0.9 to resolve warnings of CVE-2024-55565 #54

wants to merge 1 commit into from

Conversation

@cam-shaw
Copy link

@cam-shaw cam-shaw commented Jan 2, 2025

CVE: https://www.cve.org/CVERecord?id=CVE-2024-55565

PR simply updates nanoid to 5.0.9

Based on this compared, the changes (and change log) don't indicate to my any concerns for upgrading two major versions
ai/nanoid@3.3.1...5.0.9

Notes from nanoid 4.0 if curious

4.0

  • Removed CommonJS support. Nano ID 4 will work only with ESM applications.
    We will support 3.x branch with CommonJS for users who can’t migrate to ESM.
  • Removed Node.js 10 and Node.js 12 support.
  • Reduced npm package size.

@cam-shaw cam-shaw mentioned this pull request Feb 10, 2025
Open
@crutchcorn crutchcorn mentioned this pull request May 16, 2025
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cam-shaw