High severity vulnerability in `node-forge` so `firebase-admin` update is required

Jblew / firebase-functions-rate-limiter

Js/ts library that allows you to set per-time, per-user or per-anything limits for calling Firebase cloud functions

MIT License

100 stars 15 forks source link

High severity vulnerability in `node-forge` so `firebase-admin` update is required #15

Closed dominikfoldi closed 3 years ago

dominikfoldi commented 3 years ago

There is a new advisory about node-forge which is an indirect dependency of firebase-admin, see: https://www.npmjs.com/advisories/1561

The firebase-admin dependency should be updated to a version which doesn't contain the vulnerability.

Jblew commented 3 years ago

Thanks a lot for commenting and for bringing my attention to this. I've just updated all dependencies in version 3.8.3. Please test if the version works for you: npm i firebase-functions-rate-limiter@3.8.3 :)

dominikfoldi commented 3 years ago

Thank you @Jblew! Just tested it and it is working great!