Please update debug dependency version

[trabetti-hcl]

Can the version of debug dependency be updated (currently it is 2.6.9), as it is associated with a vulnerability?

https://www.cve.org/CVERecord?id=CVE-2017-20165

Thank you.

[UlisesGascon]

Thanks for reporting it @trabetti-hcl! Seems like debug@3.0.0 (https://github.com/debug-js/debug/releases/tag/3.0.0) will be compatible with Node@0.8. Do you want to create a PR?

[bjohansebas]

We are not affected by that vulnerability, see GHSA-9vvw-cc9w-f27h

[trabetti-hcl]

Thank you @UlisesGascon and @bjohansebas for replying.
Even if the vulnerability does not effect express, the automatic open source scanning tools report it..
If possible to upgrade to a higher version that is still compatible it would help your users that need to run compliance scans.