apigee-127 / swagger-tools

A Node.js and browser module that provides tooling around Swagger.
MIT License
701 stars 374 forks

Vulnerability in validator package #636

Open TheBrockEllis opened 2 years ago

TheBrockEllis commented 2 years ago

Running NPM audit reveals that the validator package that is used by z-schema, which is a dependency of swagger-tools, has a moderate vulnerability.

Link to the z-schema GitHub issue

Link to the NPM advisory

Is there any chance that this package will eventually be updated when the other upstream packages get patched?

Nigrimmist commented 2 years ago

The same issue

TheBrockEllis commented 2 years ago

The z-schema package updated the issue 12 days ago with a fix for the discovered vulnerability. Any ETA for a new release of swagger-tools that would include updated dependencies?

piyushhajare commented 2 years ago

We are having the same issue with this. Z-schema has also updated the vulnerable package. Can someone let us know the ETA for a new release of swagger-tools with an updated version of z-schema?

hrgondaliya commented 2 years ago

We are having the same issue with this. The z-schema package updated the issue 12 days ago with a fix for the discovered vulnerability. Any ETA for a new release of swagger-tools?

hrgondaliya commented 2 years ago

Can anyone help with an alternative package for "swagger-tools" which does not have this vulnerability?

amaciejk commented 1 year ago

Also watching