Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

There are 3 vulnerable dependencies according to nsp

See original GitHub issue

Hi, this package has three vulnerable dependencies according to nsp. Namely, mime, request and hawk which come from the packages @google-cloud/storage@1.5.2. Please check and update them.

Issue Analytics

State:
Created 6 years ago
Comments:6 (1 by maintainers)

Top GitHub Comments

1reaction

hiranya911commented, Feb 14, 2018

Cutting too close to the release currently in progress. Will include in the following patch release.

0reactions

THPubscommented, Feb 14, 2018

@hiranya911 Great thnaks!

Top Results From Across the Web

Using Snyk, NSP and Retire.JS to Identify and Fix Vulnerable ...

The first security focused dependency management tool I'm going to talk about is NSP, which stands for the Node Security Platform. They provide ......

13 tools for checking the security risk of open-source ...

Dependency-check supports Java, . NET, JavaScript, and Ruby. The tool retrieves its vulnerability information strictly from the NIST NVD.

nsp vulnerabilities | Snyk

version published direct vulnerabilities 3.2.1 15 Feb, 2018 0. C. 0. H. 0. M. 0. L 3.2.0 15 Feb, 2018 0. C. 0. H. 0....

Vulnerabilities in Dependencies: What You Need to Know

Here's what you need to know about the vulnerabilities in dependencies, third party components and open source.

Five Ways to Find and Fix Open Source Vulnerabilities

The NSP is known largely for its work on tracking security of Node modules and NPM dependencies. The project offers tools that scan...