search

sahat / hackathon-starter

A boilerplate for Node.js web applications
MIT License
34.8k stars 8.16k forks source link

chore: upgrade vulnerable packages #1215

Closed theRemix closed 1 year ago

theRemix commented 1 year ago

Description

Upgrades outdated packages that are marked as vulnerable

References #1209

Before

npm audit

23 vulnerabilities (4 low, 2 moderate, 12 high, 5 critical)

After

npm audit

5 vulnerabilities (4 low, 1 critical)

node-quickbooks and passport-twitter have a transitive dependency on a critically severe version of xmldom

YasharF commented 1 year ago

Closing the issue as the packages in the PR are now out of date.