search

node-red / node-red-node-swagger

A set of tools for generating Swagger api documentation based on the HTTP nodes deployed in a flow
Apache License 2.0
63 stars 48 forks source link

Upgrade dependencies #45

Open ddm opened 7 years ago

ddm commented 7 years ago

The version of swagger-ui used by node-red-node-swagger at the moment is affected by 3 vulnerabilities: https://nodesecurity.io/advisories/123 https://nodesecurity.io/advisories/126 https://nodesecurity.io/advisories/131

$ nsp check --output summary
(+) 3 vulnerabilities found
 Name         Installed   Patched   Path                                             More Info
 swagger-ui   2.1.4       >=2.2.1   node-red-node-swagger@0.1.8 > swagger-ui@2.1.4   https://nodesecurity.io/advisories/126
 swagger-ui   2.1.4       >=2.1.5   node-red-node-swagger@0.1.8 > swagger-ui@2.1.4   https://nodesecurity.io/advisories/123
 swagger-ui   2.1.4       >=2.1.5   node-red-node-swagger@0.1.8 > swagger-ui@2.1.4   https://nodesecurity.io/advisories/131

Upgrading the dependencies fixes the issue.

jsf-clabot commented 7 years ago

CLA assistant check
All committers have signed the CLA.

JonSilver commented 5 years ago

I've found that upgrading swagger-ui in this way causes errors, and requires further unknown changes to make it work with node-red-node-swagger