This repository was archived by the owner on Oct 15, 2024. It is now read-only.
This repository was archived by the owner on Oct 15, 2024. It is now read-only.
Use latest jsonld and jsonld-signatures #180
Description
Hi,
Our recent security scan reported a few vulnerabilities from jsonld-signatures-bbs. This seems mostly to be because jsonld-signatures-bbs is not using the latest version of jsonld and jsonld-signature. I wonder when will you upgrade the dependencies.
To recreate this, just do:
npm i @mattrglobal/jsonld-signatures-bbs
You will see that npm reports 7 moderate severity vulnerabilities. Some of those are flagged as high severity per WhiteSource scan.