search

asyncapi / parser-js

AsyncAPI parser for Javascript (browser-compatible too).
Apache License 2.0
116 stars 92 forks source link

fix: remove unused deps to fix CVE-2020-15366 #904

Closed hainenber closed 10 months ago

hainenber commented 10 months ago

Description

Remove dependencies rendered as obsolete by PR #756 and in turns, fix CVE-2020-15366.

sonarcloud[bot] commented 10 months ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

jonaslagoni commented 10 months ago

/rtm

jonaslagoni commented 10 months ago

@all-contributors please add @hainenber for security

allcontributors[bot] commented 10 months ago

@jonaslagoni

I've put up a pull request to add @hainenber! :tada:

asyncapi-bot commented 10 months ago

:tada: This PR is included in version 2.1.2 :tada:

The release is available on:

Your semantic-release bot :package::rocket:

hainenber commented 9 months ago

hi @jonaslagoni, sorry for digging up this thread but can you cherry-pick this PR into next-major-spec branch? This can help broadcasting the security patch to wider downstreams. Thanks!

asyncapi-bot commented 9 months ago

:tada: This PR is included in version 3.0.0-next-major-spec.16 :tada:

The release is available on:

Your semantic-release bot :package::rocket: