jszip dependency security vulnerability
rooby opened this issue · comments
Reuben Turk commented
The jszip dependency version has a vulnerability and should be updated.
See GHSA-jg8v-48h5-wgxg
Stephen Heindel commented
Resolved as of tag v0.4.0, should be on npm soon.
Stephen Heindel commented
Good news: v0.4.2 is now available.
Less good news: Mapbox changed their deployment organization so this package is now hosted under a different package
@mapbox/shp-write
https://unpkg.com/@mapbox/shp-write@latest/shpwrite.js
Reuben Turk commented
Thanks for your efforts on getting this new version out @sheindel
Aside from the PR I opened about the types it seems to be working for my usage.