Closed camsjams closed 7 years ago
Created PR #98
Thanks! Can you please publish to NPM?
Hello, is there any special reason this is still not being published to NPM after 9 days? I don't want to state the obvious from the referenced security links above, by Camsjams, but the qs vulnerability is a high severity one. Is this project not a really important one? Or is someone really sure that it cannot be exploited with swagger-node-runner?
Sorry for the delay. It has been published as 0.7.3.
Thanks!
There is an advisory for the npm package qs that can be solved by upgrading to the latest version (currently at v6.4.0), or at the very least v6.1.2.
Some additional info from snyk and the qs github issue.
Should be a simple bump as there haven't been too many changes from 5 to 6 that would break.