Security: update package use of superagent to fix vulnerability from qs library
camsjams opened this issue · comments
There is an advisory for the npm package qs that can be solved by upgrading your dependency of superagent to the latest version (currently at v3.5.2), or at the very least v2.0.0
Some additional info from snyk and the qs github issue.
Should be a simple bump as there haven't been too many changes from 5 to 6 that would break.
Path loader is a dependent or transitive dependent of several swagger related packages.
Thanks for pointing this out. I'll release either tonight or tomorrow.
json-refs@v1.0.2
fixes this. Thanks for the report.
Wonderful! Thanks!