New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

vulnerable dependency about ms #964

Closed

5 of 7 tasks

popomore opened this issue May 26, 2017 · 4 comments

Assignees

Member

popomore commented May 26, 2017 •

edited

Loading

https://snyk.io/vuln/npm:ms:20170412

egg-bin
Update debug to the latest version 🚀 mochajs/mocha#2710
eggjs/egg-jwt
Bump ms to v2 due a ReDoS vuln auth0/node-jsonwebtoken#352
[Snyk Update] New fixes for 1 vulnerable dependency path okoala/egg-jwt#4
~~egg-lint~~ close snyk
eggjs/egg-mock
deps: upgrade dependencies node-modules/coffee#56
eggjs/egg-mongoose
Vulnerability issue in debug package mongoosejs/mquery#86
Regular Expression Denial of Service (ReDoS) of ms package < 2.0.0 Automattic/mongoose#5275
eslint-config-egg
Upgrade debug version of eslint-module-utils import-js/eslint-plugin-import#844
egg-socket.io

Member Author

popomore commented May 26, 2017

@okoala okoala/egg-jwt#4 需要升级到最新版本

Member Author

popomore commented May 26, 2017 •

edited

Loading

socket.io 可以升级到 2.0 了，2.0 应该没问题了

Member

okoala commented May 27, 2017

目前 egg-jwt 已经迁到我自己仓库进行维护了~ 今天完成更新~

Member Author

popomore commented Jun 4, 2017

mochajs/mocha#2860

popomore self-assigned this

popomore closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment