node-easy-cert
Security vulnerability
Hi,
npm audit reports that your package depends on node-forge, which had a security vulnerability prior to version 0.10.0. Currently the required version of "node-forge" is "^0.6.42".
Can you please bump the node-forge version to 0.10.0 or higher and release a new version?
Thanks and regards, Nickolay
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Prototype Pollution in node-forge │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ node-forge │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >= 0.10.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ node-easy-cert │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ node-easy-cert > node-forge │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1561 │
└───────────────┴──────────────────────────────────────────────────────────────┘
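Why the declared range cannot pick up the fix, as an added example that is not part of the original issue or of node-easy-cert: under npm's caret rules a 0.x range is pinned to its minor version, so "^0.6.42" stops below 0.7.0 and never reaches the 0.10.0 named under "Patched in". The helper names are hypothetical, and only plain `^x.y.z` ranges are handled.

```javascript
// Added example: minimal caret-range check following npm's semver rules.
// Prerelease tags and other range operators are out of scope (assumption).

function parseVersion(text) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(text.trim());
  if (!m) throw new Error(`unsupported version: ${text}`);
  return m.slice(1).map(Number);
}

// Compare numerically per component, so 0.10.0 sorts above 0.6.42.
function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// A caret range allows changes that keep the left-most non-zero element.
function caretBounds(range) {
  if (!range.startsWith('^')) throw new Error(`not a caret range: ${range}`);
  const lower = parseVersion(range.slice(1));
  const [major, minor, patch] = lower;
  let upper;
  if (major > 0) upper = [major + 1, 0, 0];
  else if (minor > 0) upper = [0, minor + 1, 0];
  else upper = [0, 0, patch + 1];
  return { lower, upper };
}

// True when some version inside the range is >= the patched release.
function caretCanReach(range, patchedIn) {
  const { upper } = caretBounds(range);
  return compare(parseVersion(patchedIn), upper) < 0;
}

function describe(range, patchedIn) {
  const { lower, upper } = caretBounds(range);
  const verdict = caretCanReach(range, patchedIn) ? 'can' : 'cannot';
  return `${range} means >=${lower.join('.')} <${upper.join('.')}; ` +
    `it ${verdict} resolve to >=${patchedIn}`;
}

// Values taken from the issue text and the audit report above.
console.log(describe('^0.6.42', '0.10.0'));
// The range the issue asks for.
console.log(describe('^0.10.0', '0.10.0'));
```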
Any updates?
Hello again, this is just a 1 min fix, any chance a version bump for node-forge can happen?