please update dependency "ms" to fix security problem

ForbesLindesay / browserify-middleware

express middleware for browserify, done right

http://browserify.org

MIT License

381 stars 66 forks source link

please update dependency "ms" to fix security problem #122

Closed sseide closed 6 years ago

sseide commented 6 years ago

currently an old version "0.7.x" is used that has an security problem. Updating to latest version 2.1.1 fixes this. The api has not changed from version 0.7.x to 2.1.1 therefor all your tests work...

✗ Low severity vulnerability found on ms@0.7.3
- desc: Regular Expression Denial of Service (ReDoS)
- info: https://snyk.io/vuln/npm:ms:20170412
- from: redis-commander@0.4.5-rc.7 > browserify-middleware@8.1.0 > ms@0.7.3

ForbesLindesay commented 6 years ago

Done