Update node-forge to 0.10.0

node-apn / node-apn

:calling: Apple Push Notification module for Node.js

MIT License

4.37k stars 681 forks source link

Update node-forge to 0.10.0 #703

Closed danthegoodman1 closed 1 year ago

danthegoodman1 commented 3 years ago

To fix the HIGH vulnerability found in the current version

coveralls commented 3 years ago

Coverage remained the same at 100.0% when pulling b7d6c36446ecbf32e68f477a41789802df6e5769 on danthegoodman1:master into 38a357ed0c153aad09c2857e48a710527e685bfc on node-apn:master.

hthetiot commented 3 years ago

For reference:

  High            Prototype Pollution in node-forge                                                                                     
  Package         node-forge                                                                                                            
  Patched in      >= 0.10.0                                                                                                             
  Dependency of   node-apn                                                                                                              
  Path            node-apn > node-forge                                                                                                 
  More info       https://npmjs.com/advisories/1561