Fix insecure dependency

OWASP · Feb 12, 2018 · c57d268 · c57d268
1 parent d479bbd
commit c57d268
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/package.json b/package.json
@@ -14,16 +14,14 @@
     "express-session": "^1.13.0",
     "forever": "^0.15.1",
     "helmet": "^2.0.0",
-    "marked": "0.3.5",
+    "marked": "0.3.9",
     "mongodb": "^2.1.18",
     "node-esapi": "0.0.1",
     "serve-favicon": "^2.3.0",
     "swig": "^1.4.2",
     "underscore": "^1.8.3"
   },
   "comments": {
-    "//": "do not upgrade the marked package version it is set by purpose",
-    "//": "to be a vulnerable package to demonstrate an xss introduced through",
     "//": "a9 insecure components"
   },
   "engines": {