Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Low level security vulnerability in one of dependencies #64

Closed
SkrzypMajster opened this issue Jan 29, 2019 · 1 comment
Closed

Low level security vulnerability in one of dependencies #64

SkrzypMajster opened this issue Jan 29, 2019 · 1 comment

Comments

@SkrzypMajster
Copy link

Hi,

I'm using ng-apimock in one of my projects as a mock server in e2e tests.
I recently noticed that one of ng-apimock dependencies has low level security vulnerability.

When I ran npm audit command I found that lodash package in versions lower than 4.17.5 has vulnerability called "Prototype Pollution". Currently, ng-apimock uses lodash in version 4.17.4

For more informations, check link below:
https://snyk.io/vuln/npm:lodash:20180130

I would be very grateful for updating this package, which removes the message about security vulnerabilities.
mdasberg added a commit that referenced this issue Feb 5, 2019
@mdasberg
chore(release): Release (#64)
f547e64
@mdasberg
Copy link
Owner

mdasberg commented Feb 5, 2019
edited
Loading

@SkrzypMajster Thank you for creating the issue. I just release a version 1.4.8

@mdasberg mdasberg closed this as completed Feb 5, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mdasberg @SkrzypMajster