Please update the 'yaml' dependency version to 2.1.0 to fix CVE-2023-2251 Vulnerability

Surnet / swagger-jsdoc

Generates swagger/openapi specification based on jsDoc comments and YAML files.

MIT License

1.66k stars 224 forks source link

Please update the 'yaml' dependency version to 2.1.0 to fix CVE-2023-2251 Vulnerability #377

Open Prateeks91 opened 10 months ago

Prateeks91 commented 10 months ago

Is your feature request related to a problem? Please describe. Currently, the project is using yaml:2.0.0-1, which is prone to CVE-2023-2251 Vulnerability

Describe the solution you'd like The suggested solution is to upgrade to yaml: 2.1.0

daniloab commented 10 months ago

hi @Prateeks91 can you send a pull request, please?

Prateeks91 commented 10 months ago

@daniloab sure. Here you go https://github.com/Surnet/swagger-jsdoc/pull/378

stale[bot] commented 8 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.