add Handlebars options now required to enable proto prop access (possbile security vulnerability) #2
Conversation
|
Hello. Thanks for opening this PR. I don't use this project anymore. Would you like to take over maintaining it? If so I will happily add you as an owner of the npm pacakage. Just let me know your npm username. |
|
Hello. I think a GitHub repo is overkill for what you were trying to do. It's better suited as a StackOverflow question and answer. It would have much more visibility there and actually help far more people. I only came across it while doing exhaustive searches trying to solve a problem, primarily because Handlebars documentation is so lacking and even on StackOverflow I couldn't find anything. Usually it's the best place to find answer. I only submitted the issue and the PR because your claim was no longer true, at least without the changes I made, and I didn't want anyone else to be misled or confused by it. And I had already pretty much done the work in this PR investigating the problem. I also had to submit an issue against Handlebars itself, along with a PR to prove it. I realize as I write this that, if anything, and if I my hands weren't already full on other open source and social justice projects, the best use of time wrt to Handlebars would be to improve the Handlebars docs themself. Thanks for the offer though! |
|
Thanks for the explanation! Will merge this as-is. 👍🏼 |
Fixes #1