node-red-node-swagger icon indicating copy to clipboard operation
node-red-node-swagger copied to clipboard

Published 20 hours ago verified publisher icon node-red

Upgrade dependencies

Open ddm opened this issue 8 years ago • 2 comments

The version of swagger-ui used by node-red-node-swagger at the moment is affected by 3 vulnerabilities: https://nodesecurity.io/advisories/123 https://nodesecurity.io/advisories/126 https://nodesecurity.io/advisories/131

$ nsp check --output summary
(+) 3 vulnerabilities found
 Name         Installed   Patched   Path                                             More Info
 swagger-ui   2.1.4       >=2.2.1   [email protected] > [email protected]   https://nodesecurity.io/advisories/126
 swagger-ui   2.1.4       >=2.1.5   [email protected] > [email protected]   https://nodesecurity.io/advisories/123
 swagger-ui   2.1.4       >=2.1.5   [email protected] > [email protected]   https://nodesecurity.io/advisories/131

Upgrading the dependencies fixes the issue.

ddm avatar Nov 08 '16 13:11 ddm

CLA assistant check
All committers have signed the CLA.

jsf-clabot avatar Nov 08 '16 13:11 jsf-clabot

I've found that upgrading swagger-ui in this way causes errors, and requires further unknown changes to make it work with node-red-node-swagger

JonSilver avatar Sep 17 '19 17:09 JonSilver