Security Update : Bump Validator Version to 13.6.0

leepowelldev / mongoose-validator

Validators for mongoose models utilising validator.js

MIT License

378 stars 43 forks source link

Security Update : Bump Validator Version to 13.6.0 #53

Open sanknmFinicity opened 2 years ago

sanknmFinicity commented 2 years ago

PRISMA Cloud Reported Vulnerability :

PRISMA-2021-0063

Prepaid2Coin-Cory commented 2 years ago

Just need a merge on https://github.com/leepowelldev/mongoose-validator/pull/52

Prepaid2Coin-Cory commented 2 years ago

@leepowelldev Could you merge the above Pull Request? If not could you give a maintainer write permissions such as myself.

leepowelldev commented 2 years ago

Happy to merge, but I wonder if this jump should bump this package to a new major version - as I’m unsure if there’s any breaking changes between 10 and 13. An alternative is to move validator package to a peer dependency?

On 27 Mar 2022, at 19:53, Cory Bethrant @.***> wrote:

@leepowelldev Could you merge the above Pull Request? If not could you give a maintainer write permissions such as myself.

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.

Prepaid2Coin-Cory commented 2 years ago

@leepowelldev Yes it should be a major version. I updated the Pull Request to make the change from dependencies to peerDependencies.

leepowelldev commented 2 years ago

Updates in master - will aim to release this evening

Prepaid2Coin-Cory commented 2 years ago

@leepowelldev Thank you good sir!

Prepaid2Coin-Cory commented 2 years ago

Feel free to close this whenever