Short description
This PR resolves a security vulnerability in the body-parser package by enforcing version 1.20.3 in the project's dependency tree. The vulnerability could lead to a denial of service when URL encoding is enabled. The change ensures that the patched version of body-parser is used across the project, mitigating the potential risk. It's a good practice to ensure that the dependency tree remains clean and that no potentially vulnerable code exists.
https://github.com/advisories/GHSA-qwcr-r2fm-qrc7/dependabot?query=user:pagopa
Preview
List of changes proposed in this pull request
Product
How to test
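An added example, not part of this PR or the project's code: one way to confirm that every installed copy of body-parser in the dependency tree is at or above 1.20.3. It assumes an npm `package-lock.json` (the PR does not say which package manager the project uses); the sample lockfile, the `legacy-mw` package and all function names are constructed for illustration.

```javascript
const PATCHED = "1.20.3"; // version the PR enforces

// Compare plain x.y.z versions: <0, 0 or >0. Returns NaN when a part is not
// numeric (git URLs, missing version) so callers can treat it as unverified.
function compareVersions(a, b) {
  const pa = String(a).split(/[-+]/)[0].split(".").map(Number);
  const pb = String(b).split(/[-+]/)[0].split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] ?? 0) - (pb[i] ?? 0);
    if (d !== 0) return d;
  }
  return 0;
}

// Collect every installed copy of `name` from a parsed package-lock.json.
// lockfileVersion 2/3 keep a flat "packages" map keyed by install path;
// lockfileVersion 1 nests copies under "dependencies".
function findCopies(lock, name) {
  const found = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === `node_modules/${name}` || path.endsWith(`/node_modules/${name}`)) {
        found.push({ path, version: meta.version });
      }
    }
    return found;
  }
  const walk = (deps, prefix) => {
    for (const [dep, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${dep}`;
      if (dep === name) found.push({ path, version: meta.version });
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return found;
}

// A copy is reported unless it is provably >= minVersion (NaN counts as a finding).
function vulnerableCopies(lock, name = "body-parser", minVersion = PATCHED) {
  return findCopies(lock, name).filter((c) => !(compareVersions(c.version, minVersion) >= 0));
}

// Constructed sample lockfile: one patched top-level copy, one stale nested copy.
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "example-app" },
  "node_modules/body-parser": { version: "1.20.3" },
  "node_modules/legacy-mw/node_modules/body-parser": { version: "1.19.0" },
} };
console.log(vulnerableCopies(sampleLock));
```

Run against the real lockfile with `vulnerableCopies(JSON.parse(fs.readFileSync("package-lock.json", "utf8")))`; an empty array means no copy below the patched version remains.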