search

ryanbillingsley / express-ipfilter

A light-weight IP address based connection filtering system
MIT License
110 stars 44 forks source link

Dependency on lodash 3, which suffers from security vulnerabilities #60

Open laurieboyes opened 6 years ago

laurieboyes commented 6 years ago

Vulnerability report: https://snyk.io/vuln/npm:lodash:20180130

Maybe lodash could be swapped out for some modern JS features? Not sure how this lib is handling potentially breaking changes however.

GuillermoPena commented 5 years ago

Only you need to update lodash packet to 4.17.5 version