search

department-of-veterans-affairs / va.gov-cms

Editor-centered management for Veteran-centered content.
https://prod.cms.va.gov
GNU General Public License v2.0
99 stars 69 forks source link

Update expressjs/body-parser to >=v4.20 #19337

Open edmund-dunn opened 1 month ago

edmund-dunn commented 1 month ago

User Story or Problem Statement

According to https://github.com/advisories/GHSA-qwcr-r2fm-qrc7/dependabot?query=user:department-of-veterans-affairs, there is a recent vulnerability in expressjs/body-parser. We need to update to >=v4.20.

Description or Additional Context

Steps for Implementation

Acceptance Criteria

edmund-dunn commented 1 month ago

@gracekretschmer-metrostar another that needs to be done soonish. https://dsva.slack.com/archives/CT4GZBM8F/p1727364013031559