Skip to content

Update node-forge to the latest version #76

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
esarafianou merged 2 commits into from
Sep 9, 2020
Merged

Update node-forge to the latest version #76

esarafianou merged 2 commits into from
Sep 9, 2020

Conversation

@esarafianou
Copy link
Contributor

@esarafianou esarafianou commented Sep 8, 2020

Description

Updates node-forge to the latest version to address a security issue in the dependency and bumps a new version. Fixes #75

The node-forge new version drops support for node 4 but node-xml-encryption already specifies the node engine >=8. As such, a new patch version will be released.

References

https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677

Testing

All tests pass successfully.

  • This change adds test coverage for new/changed/fixed functionality

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not master

@esarafianou esarafianou requested a review from a team as a code owner September 8, 2020 18:00
gkwang
gkwang requested changes Sep 8, 2020
View reviewed changes
Copy link
Contributor

@gkwang gkwang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wait, why did the package-lock got changed to http?

@esarafianou
Copy link
Contributor Author

esarafianou commented Sep 8, 2020

@gkwang Not sure what went wrong with the npm install but I updated it now.

@esarafianou esarafianou merged commit f412aac into master Sep 9, 2020
@esarafianou esarafianou deleted the update_forge branch September 9, 2020 07:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gkwang gkwang gkwang approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@esarafianou @gkwang