Vulnerable WS dependency causing DoS vulnerability

pubkey / rxdb

A fast, local first, reactive Database for JavaScript Applications https://rxdb.info/

https://rxdb.info/

Apache License 2.0

21.15k stars 1.03k forks source link

Vulnerable WS dependency causing DoS vulnerability #6326

Open rabie-khlifi opened 3 weeks ago

rabie-khlifi commented 3 weeks ago

using vulnerable "WS" "8.16.0" version without ^ not allowing upgrade to fix the vulnerability , fixed on 8.17.1

pubkey commented 3 weeks ago

PR is welcomed.

stale[bot] commented 2 weeks ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed soon. Please update it or it may be closed to keep our repository organized. The best way is to add some more information or make a pull request with a test case. Also you might get help in fixing it at the RxDB Community Chat If you know you will continue working on this, just write any message to the issue (like "ping") to remove the stale tag.