Security Vulnerbility

[Hypnos3]

I have get an issue from @rgerrans.
This issue is depending on the used protobuf version:

Is it possible to update the used version?

[lacker]

npm is starting to warn about the dependency here, too. Although since it's been a couple years since this repo has been updated, I won't hold my breath.

[rgerrans]

npm is starting to warn about the dependency here, too. Although since it's been a couple years since this repo has been updated, I won't hold my breath.

I ended up switching to https://github.com/Hypnos3/node-red-contrib-cast

[dsteinman]

Upgrading the dependency to 5.0.3 works, at least I didn't encounter anything that broke with this change yet.

"dependencies": {
    "debug": "^2.2.0",
    "protobufjs": "^5.0.3"
  },

[Saiv46]

Any progress here? npm audit still reporting this vulnerable package.

[feross]

Hi everyone, I have a pull request that fixes this issue but I don't have a Chromecast handy at the moment to test it out. Can someone confirm that the code in this pull request still works correctly?

#56

[Hypnos3]

Thank you for the change. I can test not before end of next week.

[feross]

Fixed in [email protected].