Closed motss closed 7 years ago
Hey there! I couldn't figure out what this issue is about, so I've labeled it for a human to triage. Hang tight.
What exactly is the problem here? Can you provide more details about the type of error/vulnerability found in jsonwebtoken?
@hiranya911 When running snyk test
command, it will check all the NPM dependencies and it hit the jsonwebtoken
dependency inside the firebase-admin
with the error Invalid error: Invalid version: "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-7.2.0.tgz
and the snyk
check stops and never able to complete the vulnerability check.
Is this something related to firebase-admin
?
I still don't understand what the problem is. Why is 7.2.0 an invalid version? It is not the latest version available (latest seems to be 7.4.1). But it should be fine to depend on an older version.
I'm closing this, as it appears this is not a Firebase SDK issue. Check the referenced snyk issue for more context.
[READ] Step 1: Are you in the right place?
[REQUIRED] Step 2: Describe your environment
[REQUIRED] Step 3: Describe the problem
Steps to reproduce:
As a regular snyk user, running
snyk test
to check for vulnerabilities of all NPM dependencies and the latest Firebase Admin could not pass the test and discovered thatjsonwebtoken
is the culprit. See the image below for more details: