ReDOS (NSP 532)

Question

ReDOS (NSP 532)

distractdiverge opened this issue 7 years ago · 1 comments

Hi, we currently make use of your package, and I noticed an open NSP issue regarding moment in the lower package (node-saml) that is still using an unpatched version of moment.

I was wondering if you would be able to update the dependency once your other package (saml) has been patched.

related ticket: auth0/node-saml#38

Answer 1 · 2020-10-22T11:32:15.000Z

Fixed by 16c4a36.