Closed
Description
Description
apollo-server-koa contains a security vulnerability in its dependency tree:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000048
- https://app.snyk.io/test/npm/apollo-server-koa/2.7.0
apollo-server-koa@2.7.0 › koa-bodyparser@3.2.0 › co-body@4.2.0 › qs@4.0.0
Possible solution
Update to koa-bodyparser@4 per #3004. Note that this major version drops support for Node 6.
Metadata
Metadata
Assignees
Labels
No labels
Type
Projects
Milestone
Relationships
Development
Participants
Activity
Stop testing Koa on Node.js v6 in order to update `koa-bodyparser`.
koa-bodyparser. #3240Stop testing Koa on Node.js v6 in order to update `koa-bodypars… (#3240)