search

voltrue2 / in-app-purchase

A Node.js module for in-App-Purchase for iOS, Android, Amazon and Windows.
http://iap.gracenode.org
Other
1.05k stars 289 forks source link

Update xml dom to overcome synk security issue #360

Closed amitk1990 closed 1 year ago

amitk1990 commented 1 year ago

Dependency update to xmldom to resolve the synk security vulnerability issue. Improper Input Validation: https://security.snyk.io/vuln/SNYK-JS-XMLDOM-3092935 Prototype Pollution: https://security.snyk.io/vuln/SNYK-JS-XMLDOM-3042242

yringel commented 1 year ago

Thanks @amitk1990! this was fixed and merged in https://github.com/voltrue2/in-app-purchase/pull/348

amitk1990 commented 1 year ago

@yringel would you mind rolling out a new version release for this ?