Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade dependencies #45

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Conversation

ddm
Copy link

@ddm ddm commented Nov 8, 2016

The version of swagger-ui used by node-red-node-swagger at the moment is affected by 3 vulnerabilities:
https://nodesecurity.io/advisories/123
https://nodesecurity.io/advisories/126
https://nodesecurity.io/advisories/131

$ nsp check --output summary
(+) 3 vulnerabilities found
 Name         Installed   Patched   Path                                             More Info
 swagger-ui   2.1.4       >=2.2.1   [email protected] > [email protected]   https://nodesecurity.io/advisories/126
 swagger-ui   2.1.4       >=2.1.5   [email protected] > [email protected]   https://nodesecurity.io/advisories/123
 swagger-ui   2.1.4       >=2.1.5   [email protected] > [email protected]   https://nodesecurity.io/advisories/131

Upgrading the dependencies fixes the issue.

@jsf-clabot
Copy link

jsf-clabot commented Nov 8, 2016

CLA assistant check
All committers have signed the CLA.

@JonSilver
Copy link
Contributor

I've found that upgrading swagger-ui in this way causes errors, and requires further unknown changes to make it work with node-red-node-swagger

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants