Upgrade jsonwebtoken library

Question

aliosmanisikk opened this issue 2 years ago · comments

jsonwebtoken 8.5.1 has security vulnerability GHSA-27h2-hvpr-p74q and needs an upgrade to version 9.0.0

Bruno Xavier · Answer 1 · Thu Dec 22 2022 17:35:10 GMT+0800 (China Standard Time)

Given the seriousness of the vulnerability, upgrading to 9.0.0 should be top priority.

José F. Romaniello · Answer 2 · Thu Dec 22 2022 20:58:14 GMT+0800 (China Standard Time)

Published as express-jwt@8... no other breaking changes in this new release.
Updated changelog.