graphql-oauth
graphql-oauth copied to clipboard
anuraghazra
OAuth + GraphQL + Passportjs
Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.17.3. Release notes Sourced from express's releases. 4.17.3 deps: accepts@~1.3.8 deps: mime-types@~2.1.34 deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps:...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [qs](https://github.com/ljharb/qs) to 6.11.0 and updates ancestor dependencies [qs](https://github.com/ljharb/qs), [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies need to be updated together. Updates `qs` from 6.7.0 to 6.11.0 Changelog Sourced from qs's changelog....
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...
Bumps [object-path](https://github.com/mariocasciaro/object-path) from 0.11.4 to 0.11.8. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [axios](https://github.com/axios/axios) from 0.19.2 to 0.21.1. Release notes Sourced from axios's releases. v0.21.1 0.21.1 (December 21, 2020) Fixes and Functionality: Hotfix: Prevent SSRF (#3410) Protocol not parsed when setting proxy...
To secure grpahql a very practical and easy to use tool you can look at graphql shield. https://github.com/maticzav/graphql-shield
