Update url-parse dependency

philosowaffle / vs-openapi-designer

OpenApi Designer Extension for VS Code

GNU General Public License v3.0

15 stars 2 forks source link

Open philosowaffle opened 6 years ago

philosowaffle commented 6 years ago

Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Op...

package-lock.json update suggested: url-parse ~> 1.4.3

philosowaffle commented 6 years ago

This is Dev dependency pulled in by VS Code.