Mark Stosberg

The link says there is a low-risk denial of service issue with this module related to regular expressions. A more specific link is here: https://srcclr.com/security/regular-expression-denial-service-redos-/javascript/sid-1862/technical Version 0.3.0, the current version,...

@KieronWiltshire Have you confirmed your change is compliant with the [OAuth 2 RFC](https://tools.ietf.org/html/rfc6749)? Please reference the sections of the RFC that apply to your change.

@KieronWiltshire It would be helpful if you linked to the specific spec section that addresses continuing without a token.

@typingduck So what HTTP status ends up being returned to the client after this change is applied? What's an example of cases where no HTTP status code would be found...

I tested this patch. Before the patch was applied, my server was crashing with: ``` RangeError: Invalid status code: undefined ``` So, a patch is definitely useful here. After applying...

@joshkopecek What do you think about this "wish" request? It addresses the wish to mark some GeoJSON schema elements as required, add extra validation, or fill in default values for...

Please include your Mongoose version.

Ugh. I'm not sure what to do here. It seems like a might be an ordering issue, like the `CastError` is being thrown before the custom error. At this point...

@kjeremy: Please contribute a pull request which confirms this case. See an example similar test here: https://github.com/RideAmigosCorp/mongoose-geojson-schema/blob/master/test/GeoJSON.integration.js#L111

@joshkopecek Looks good to me. I also see an unrelated warning that the node-growl dependency should be updated due to a security issue.