search

covidwatchorg / portal

Covid Watch Portal web app for diagnosis verification
Apache License 2.0
8 stars 3 forks source link

Upgrade dependency for yargs-parser to reduce security risk #361

Closed whaber closed 4 years ago

whaber commented 4 years ago

Upgrade yargs-parser to latest version to reduce security risk.

Current version (10.1.0) has vulns including Improper Input Validation in yargs-parser

Latest version is 18.1.3: https://www.npmjs.com/package/yargs-parser

veeara282 commented 4 years ago

Looks like we've got four different versions of yargs-parser installed: 18.1.3, 9.0.2, 10.1.0, 13.1.2.