Open PieterBreugelmans opened 4 years ago
npm audit of http-signature@1.3.4
High Regular Expression Denial of Service Package minimatch Dependency of tap [dev] Path tap > glob > minimatch More info https://npmjs.com/advisories/118
High Regular Expression Denial of Service
Package minimatch
Dependency of tap [dev]
Path tap > glob > minimatch
More info https://npmjs.com/advisories/118
Root cause is dev dependency on tap in https://github.com/joyent/node-http-signature/blob/master/package.json
"devDependencies": { "tap": "0.4.2",
Requires tap@12.0.2 or higher to fix the issue.
npm audit of http-signature@1.3.4
Root cause is dev dependency on tap in https://github.com/joyent/node-http-signature/blob/master/package.json
Requires tap@12.0.2 or higher to fix the issue.