update `uri-js` to 3.x.x, 2.1.1 is vulnerable to `Regular Expression Denial Of Service`

bettiolo / oauth-signature-js

JavaScript OAuth 1.0a signature generator (RFC 5849) for node and the browser

https://www.npmjs.com/package/oauth-signature

BSD 3-Clause "New" or "Revised" License

232 stars 71 forks source link

Closed despairblue closed 6 years ago

despairblue commented 7 years ago

SPAHI4 commented 6 years ago

also, it should fix an error with react-native

aniltallam commented 6 years ago

@bettiolo can you merge the above PR and release new npm version?

bettiolo commented 6 years ago

I will, but I think that the PR did not update the client side uri-js

bettiolo commented 6 years ago

Merged and released as 1.5.0