-
-
Notifications
You must be signed in to change notification settings - Fork 6.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JavaScript] Update vulnerable dependencies #784
[JavaScript] Update vulnerable dependencies #784
Conversation
oh.. 👀 |
Let me show you the fix (via gitter) |
and thanks for taking care of the security fix. |
bin/javascript-petstore.sh bin/javascript-es6-petstore.sh bin/javascript-promise-petstore.sh bin/javascript-promise-es6-petstore.sh
b79c020
to
2ad623c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
* master: (32 commits) Fixed date formatting in typescript node client (OpenAPITools#786) better explain usage (OpenAPITools#794) Fix float/double default value in C# generator (OpenAPITools#791) Enhancements to documentation generators (samples, default values, etc) (OpenAPITools#790) Remove duplicate variable declaration (OpenAPITools#792) Issue 758 root resource (OpenAPITools#771) Do not declare destructor as default when destructor is explicitly declared. (OpenAPITools#732) Fix C# client enum issue (OpenAPITools#774) [JavaScript] Update vulnerable dependencies (OpenAPITools#784) [Ruby] Fix method split (OpenAPITools#780) [Java][jaxrs-jersey] add sample with jaxrs-jersey + openapi v3 (OpenAPITools#778) update groupId in pom (OpenAPITools#779) [cpp-restsdk] Support multi-line descriptions (OpenAPITools#753) [Core] Resolve Inline Models (OpenAPITools#736) [gradle] Support nullable system property values (OpenAPITools#764) Correct URL for openapi-generator.cli.sh in README.md (OpenAPITools#770) Fixed the generation of model properties whose data type is a composed (allOf) schema (OpenAPITools#704) [JAX-RS][Spec] Add samples to CircleCI (OpenAPITools#759) minor update to python generator usage (OpenAPITools#762) [C++][Restbed/Pistache] Added fix for byte array (OpenAPITools#752) ...
* Update vulnerable dependencies * Update samples: javascript-es6 * Update samples: javascript-promise * Update samples: javascript-promise-es6 * Update samples: javascript * Update samples: petstore-security-test/javascript * Rename operationId if it starts with a number * Update samples bin/javascript-petstore.sh bin/javascript-es6-petstore.sh bin/javascript-promise-petstore.sh bin/javascript-promise-es6-petstore.sh
PR checklist
./bin/
to update Petstore sample so that CIs can verify the change. (For instance, only need to run./bin/{LANG}-petstore.sh
and./bin/security/{LANG}-petstore.sh
if updating the {LANG} (e.g. php, ruby, python, etc) code generator or {LANG} client's mustache templates). Windows batch files can be found in.\bin\windows\
.master
,4.0.x
. Default:master
.Description of the PR
visionmedia/superagent 3.5.2 is vulnerable to ZIP bomb attacks.
refs: NVD - CVE-2017-16129
It has been fixed in v3.7.0.