search

karma-runner / karma-junit-reporter

A Karma plugin. Report results in junit xml format.
MIT License
176 stars 144 forks source link

npm audit vulnerability with xmlbuilder package #172

Open robinprashanth opened 5 years ago

robinprashanth commented 5 years ago

Hi Team, When I run "npm audit" I am seeing below error in my project

High xmlbuilder-js XMLStringifier.coffee XMLStringifier() Class
Regex Handling DoS

Package xmlbuilder

Patched in 9.0.5

Dependency of karma-junit-reporter [dev]

Path karma-junit-reporter > xmlbuilder

More info https://vulndb.cyberriskanalytics.com/vulnerabilities/178241

can some one help me fix this issue? I see "xmlbuilder" version as "xmlbuilder": "8.2.2" in the karma-junit-reporter package.json file

johnjbarton commented 5 years ago

Please send a Pull Request with the fix.