search

Samsung / SamsungAutomationStudio

Samsung Automation Studio is to provide development tools and execution environment that can easily configure application logic by connecting both Samsung service and 3rd party service. This project is to share the node for open source NodeRED developed by Samsung Automation Studio team to the community. If you are using nodered, you can easily install the node we provide. And you can use Samsung's IoT and AI-related services more easily, and you can have an extended experience in conjunction with your own services.
Apache License 2.0
56 stars 29 forks source link

Vulnerable dependencies #67

Closed soosp closed 10 months ago

soosp commented 1 year ago 
$ npm i "node-red-contrib-samsung-automation-studio-nodes"
npm WARN deprecated multer@1.4.4: Multer 1.x is affected by CVE-2022-24434. This is fixed in v1.4.4-lts.1 which drops support for versions of Node.js before 6. Please upgrade to at least Node.js 6 and version 1.4.4-lts.1 of Multer. If you need support for older versions of Node.js, we are open to accepting patches that would fix the CVE on the main 1.x release line, whilst maintaining compatibility with Node.js 0.10.
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
jongsu2 commented 1 year ago

Hi.

A new version has been released that fixes package vulnerabilities. (version 1.1.14) But 'querystring@0.2.0' is not fixed due to 'aws-sdk' issue. (reference)

Thank you.

hojoon22-lee commented 10 months ago

The version 1.1.14 and later has been fixed.