search

IBM / nodejs-itoolkit

A JavaScript (Node.js) library for communicating with IBM i
MIT License
43 stars 37 forks source link

build(deps): Upgrade ssh2 to latest version #355

Closed abmusse closed 1 year ago

abmusse commented 1 year ago

Fixes #338

Previously we relied on 0.8.x this a major version upgrade. Versions of ssh2 <1.4.0 are vulnerable to OS Command injection on Windows. See https://github.com/advisories/GHSA-652h-xwhf-q4h6 Functional tests passed with latest ssh2 on both Linux and IBM i.