nest 2 high severity vulnerabilities in `@nestjs/platform-ws`

2 high severity vulnerabilities in `@nestjs/platform-ws`

Open robertIsaac opened this issue 1 year ago • 0 comments

trafficstars

Is there an existing issue for this?

[X] I have searched the existing issues

Current behavior

@nestjs/platform-ws has hard dependency on "ws": "8.17.0" which has the vulnerabilities https://github.com/advisories/GHSA-3h5v-q93c-6h6q we need to update it to 8.17.1

Minimum reproduction code

any project with @nestjs/platform-ws

Steps to reproduce

npm i @nestjs/platform-ws

Expected behavior

to depend on "ws": "8.17.1" or even better "ws": "~8.17.1"

Package

[ ] I don't know. Or some 3rd-party package
[ ] @nestjs/common
[ ] @nestjs/core
[ ] @nestjs/microservices
[ ] @nestjs/platform-express
[ ] @nestjs/platform-fastify
[ ] @nestjs/platform-socket.io
[x] @nestjs/platform-ws
[ ] @nestjs/testing
[ ] @nestjs/websockets
[ ] Other (see below)

Other package

No response

NestJS version

No response

Packages versions

"@nestjs/platform-ws": "^10.2.6",

Node.js version

No response

In which operating systems have you tested?

[ ] macOS
[ ] Windows
[ ] Linux

Other

No response

Jun 22 '24 19:06 robertIsaac

nest nest copied to clipboard

2 high severity vulnerabilities in `@nestjs/platform-ws`

Is there an existing issue for this?

Current behavior

Minimum reproduction code

Steps to reproduce

Expected behavior

Package

Other package

NestJS version

Packages versions

Node.js version

In which operating systems have you tested?

Other

nest
nest copied to clipboard