Update node-forge to fix security issue #1532
Labels
Comments
|
I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
[READ] Step 1: Are you in the right place?
For issues related to the code in this repository file a Github issue.
If the issue pertains to Cloud Firestore, read the instructions in the "Firestore issue"
template.
For general technical questions, post a question on StackOverflow
with the firebase tag.
For general Firebase discussion, use the firebase-talk
google group.
For help troubleshooting your application that does not fall under one
of the above categories, reach out to the personalized
Firebase support channel.
please update node-forge to fix this issue: GHSA-gf8q-jrpm-jvxq
[REQUIRED] Step 2: Describe your environment
[REQUIRED] Step 3: Describe the problem
Steps to reproduce:
npm i firebase-admin@10.0.1
npm audit fix
What happened? How can we make the problem occur?
This could be a description, log/console output, etc.
node-forge <1.0.0
URL parsing in node-forge could lead to undesired behavior. - GHSA-gf8q-jrpm-jvxq
fix available via
npm audit fix --forceWill install firebase-admin@4.2.1, which is a breaking change
node_modules/node-forge
firebase-admin >=5.0.0
Relevant Code:
The text was updated successfully, but these errors were encountered: