Update `jwt-simple` to fix critical npm audit security issue (!1242) · Merge requests · gitter / webapp

Eric Eastwood requested to merge feature/fix-some-npm-audit-critical into develop Sep 12, 2018

Update jwt-simple to fix critical npm audit issue. More info: https://www.npmjs.com/advisories/87. As a note, we don't .decode in our code so I don't think we were affected.

$ npm audit | grep Critical -B3 -A10

# Run  npm install jwt-simple@0.5.1  to resolve 1 vulnerability

  Critical        Forgeable Public/Private Tokens

  Package         jwt-simple

  Dependency of   jwt-simple

  Path            jwt-simple

  More info       https://nodesecurity.io/advisories/87

Edited Sep 12, 2018 by Eric Eastwood

Update `jwt-simple` to fix critical npm audit security issue

Merge request reports