feat: use safe version of xmldom and mocha - Githubissues

jaredhanson / passport-twitter

Twitter authentication strategy for Passport and Node.js.

https://www.passportjs.org/packages/passport-twitter/?utm_source=github&utm_medium=referral&utm_campaign=passport-twitter&utm_content=about

MIT License

469 stars 131 forks source link

feat: use safe version of xmldom and mocha #124

Open ncluer opened 3 months ago

ncluer commented 3 months ago

READ THIS FIRST!

Are you implementing a new feature?

n/a

Is this a security patch?

Removes dependency on xtraverse and uses safer version of xmldom to handle the fallback in parseErrorResponse.

Updates mocha to safe version with no critical vulnerabilites.

Checklist

[x] I have read the CONTRIBUTING guidelines.
[ ] I have added test cases which verify the correct operation of this feature or patch.
[ ] I have added documentation pertaining to this feature or patch.
[x] The automated test suite ($ make test) executes successfully.
[ ] The automated code linting ($ make lint) executes successfully.

RobinTail commented 3 months ago

@jaredhanson please review