You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The express package, included in this project's package.json, has recently been identified with vulnerabilities (See SNYK-JS-EXPRESS-7926867).
This SDK exposes express, ejs and uuid as dependency even though they are not used in the SDK code. These dependencies are used in the docs/quickstart folder.
It would be ideal to split this repo into 2 packages/projects, one for the SDK with very minimal dependencies and another with the quick start. Quick start could even be a different repo (easier option) or this project could adopt npm workspaces
Including unnecessary dependencies like the ones mentioned express, ejs, and uuid cause the Learnosity SDK module to be flagged as vulnerable by security scanning tools
The text was updated successfully, but these errors were encountered:
Hi,
The
expresspackage, included in this project'spackage.json, has recently been identified with vulnerabilities (See SNYK-JS-EXPRESS-7926867).This SDK exposes
express,ejsanduuidas dependency even though they are not used in the SDK code. These dependencies are used in the docs/quickstart folder.It would be ideal to split this repo into 2 packages/projects, one for the SDK with very minimal dependencies and another with the quick start. Quick start could even be a different repo (easier option) or this project could adopt npm workspaces
Including unnecessary dependencies like the ones mentioned
express,ejs, anduuidcause the Learnosity SDK module to be flagged as vulnerable by security scanning toolsThe text was updated successfully, but these errors were encountered: