search

mdasberg / ng-apimock

Node plugin that provides the ability to use scenario based api mocking: for local development for protractor testing
MIT License
99 stars 26 forks source link

Low level security vulnerability in one of dependencies #64

Closed SkrzypMajster closed 5 years ago

SkrzypMajster commented 5 years ago

Hi,

I'm using ng-apimock in one of my projects as a mock server in e2e tests. I recently noticed that one of ng-apimock dependencies has low level security vulnerability.

When I ran npm audit command I found that lodash package in versions lower than 4.17.5 has vulnerability called "Prototype Pollution". Currently, ng-apimock uses lodash in version 4.17.4

For more informations, check link below: https://snyk.io/vuln/npm:lodash:20180130

I would be very grateful for updating this package, which removes the message about security vulnerabilities.

mdasberg commented 5 years ago

@SkrzypMajster Thank you for creating the issue. I just release a version 1.4.8