mirror of
https://github.com/gamedig/node-gamedig.git
synced 2024-11-14 07:51:12 +01:00
6c55e1da56
node-gamedig currently has a 2 vulnerable dependency, introducing 3 different types of known vulnerabilities. This PR fixes two vulnerable dependency, introducing [remote memory exposure ](https://snyk.io/vuln/npm:request:20160119) vulnerability in the `request` dependency and [ReDos vulnerability](https://snyk.io/vuln/npm:hawk:20160119) in the `hawk` dependency. You can see [Snyk test report](https://snyk.io/test/github/sonicsnes/node-gamedig) of this project for details. This PR changes `Package.json` to upgrade `request` to the newer 2.74.0 version, and will fix the vulnerability listed above. You can get alerts and fix PRs for future vulnerabilities for free by [watching this repo with Snyk](https://snyk.io/add). Note this PR fixes all the vulnerabilities introduced trough `request` dependency, in order to be vulnerability free you will need to upgrade ` moment` dependency as well. Full disclosure: I'm a part of the Snyk team, just looking to spread some security goodness and awareness ;)
50 lines
928 B
JSON
50 lines
928 B
JSON
{
|
|
"name": "gamedig",
|
|
"description": "Query for the status of any game server in Node.JS",
|
|
"tags": [
|
|
"srcds",
|
|
"query",
|
|
"game",
|
|
"utility",
|
|
"util",
|
|
"server"
|
|
],
|
|
"main": "lib/index.js",
|
|
"author": "Michael Morrison",
|
|
"version": "0.2.25",
|
|
"repository" : {
|
|
"type" : "git",
|
|
"url" : "https://github.com/sonicsnes/node-gamedig.git"
|
|
},
|
|
"bugs" : {
|
|
"url" : "https://github.com/sonicsnes/node-gamedig/issues"
|
|
},
|
|
"licenses" : [
|
|
{
|
|
"type" : "MIT",
|
|
"url" : "https://raw.github.com/sonicsnes/node-gamedig/master/LICENSE"
|
|
}
|
|
],
|
|
"dependencies": {
|
|
"iconv-lite": "~0.4.6",
|
|
"long": "~2.2.3",
|
|
"async": "~0.9.0",
|
|
"compressjs": "~1.0.2",
|
|
"gbxremote": "~0.1.4",
|
|
"request": "~2.74.0",
|
|
"minimist": "~1.1.0",
|
|
"varint": "~4.0.0",
|
|
"moment": "~2.9.0"
|
|
},
|
|
"bin": {
|
|
"gamedig": "bin/gamedig.js"
|
|
},
|
|
"files": [
|
|
"bin/gamedig.js",
|
|
"lib/",
|
|
"protocols/",
|
|
"games.txt",
|
|
"LICENSE",
|
|
"README.md"
|
|
]
|
|
}
|