Publish new version #15
Comments
|
AFAIK there is actually no harm also with the current version of That said a new release doesn't hurt. cc: @3rd-Eden |
|
👍 this shows up in snyk as a high severity vulnerability so it would be nice to have this bumped rather than ignore the vuln in snyk |
|
I'm the author of the fix, as well as the reporter to snyk, this module is not affected by it. Generation of an origin string does not require access to querystring params if any shape or form. The only way this module would have been vulnerable is when: https://github.com/unshiftio/original/blob/master/index.js#L13 sets the second argument to |
|
1.0.1 is out |
There was recently a security fix in a downstream dependency (unshiftio/querystringify#19) and it looks like the dependencies of this module have been updated accordingly but a new version has not yet been published.
I apologize if I am missing something here, but are you planning on publishing a new version of this library with the updated dependencies?
The text was updated successfully, but these errors were encountered: