Skip to content

Commit

Permalink
Upgrade qs to protect against security vunerability
Browse files Browse the repository at this point in the history 
https://nodesecurity.io/advisories/qs_dos_extended_event_loop_blocking
  • Loading branch information
Lloyd Watkin authored and Raymond Feng committed Aug 7, 2014
1 parent 622b205 commit 349949c
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions package.json
View file
Expand Up @@ -37,7 +37,7 @@
"parseurl": "~1.2.0",
"path-to-regexp": "0.1.3",
"proxy-addr": "1.0.1",
"qs": "1.0.2",
"qs": "~1.2.0",

This comment has been minimized.

Sign in to view

Copy link
@dougwilson

dougwilson Aug 7, 2014

Contributor

On the PR with the ^ I mentioned that for externally-controlled dependencies we only pin them. I guess you decided to overrule that. You could have at least stated that overruling in the PR comments :(
"range-parser": "1.0.0",
"send": "0.8.1",
"serve-static": "~1.5.0",
Expand All @@ -47,7 +47,6 @@
"fresh": "0.2.2",
"cookie-signature": "1.0.4",
"merge-descriptors": "0.0.2",
"qs": "1.0.0",
"utils-merge": "1.0.0"
},
"devDependencies": {
Expand Down

0 comments on commit 349949c

Please sign in to comment.