Closed jc1arke closed 6 years ago
@urish can you please have a look at this, it's causing builds depending on angular-moment
to fail with NSP
Hi, thank you for the PR! Can you please explain what is the problem with moment 2.8.x?
@urish it's based of off the NSP CVE (https://nodesecurity.io/advisories/532). What was happening was that a ReDoS had slipped through, and builds would fail (see screenshot).
It was fixed via pull request https://github.com/moment/moment/pull/4326 with the issue logged on https://github.com/moment/moment/issues/4163
Got it, thanks
Released as 1.2.0
This is to help with
nsp
check failing, specifically for https://nodesecurity.io/advisories/532