Julian Borrey
Julian Borrey
As we develop Salus, it's useful to know how it's being used. If you would like, please comment below about where you use it, how and for what purpose.
https://github.com/ajinabraham/NodeJsScan Vuln scannner for JS. Test it out on some codebases and determine if it's worth integrating. If so, make the module and open a PR.
The [current lodash dependency requirement](https://github.com/BinaryMuse/fluxxor/blob/master/package.json#L48) is vulnerable to [this CVE](https://nodesecurity.io/advisories/577). This makes all projects that use fluxxor fail an NSP scan. Fix is simply updating to lodash >= 4.17.5.
The request package in this node module has CVEs. This PR will update it. Output of `$ nsp check --output summary` ``` (+) 4 vulnerabilities found Name Installed Patched Path...