graphql-playground-middleware-express
Advanced tools
graphql-playground-middleware-express - npm Package Compare versions
Comparing version 1.7.16 to 1.7.18
| { | ||
| "name": "graphql-playground-middleware-express", | ||
| "version": "1.7.16", | ||
| "version": "1.7.18", | ||
| "homepage": "https://github.com/graphcool/graphql-playground/tree/master/packages/graphql-playground-middleware-express", | ||
@@ -37,3 +37,3 @@ "description": "GraphQL IDE for better development workflows (GraphQL Subscriptions, interactive docs & collaboration).", | ||
| "dependencies": { | ||
| "graphql-playground-html": "1.6.22" | ||
| "graphql-playground-html": "1.6.25" | ||
| }, | ||
@@ -43,3 +43,4 @@ "typings": "dist/index.d.ts", | ||
| "definition": "dist/index.d.ts" | ||
| } | ||
| }, | ||
| "gitHead": "fb9d5bcc29e28182594fe2e31340b392af70b7d2" | ||
| } |
| # graphql-playground-middleware-express | ||
| > Express middleware to expose an endpoint for the GraphQL Playground IDE | ||
| > **SECURITY NOTE**: All versions of `graphql-playground-express` until `1.7.15` or later have a security vulnerability when unsanitized user input is used while invoking `expressPlayground()`. [Read more below](#security-notes) | ||
| > **SECURITY NOTE**: All versions of `graphql-playground-express` until `1.7.16` or later have a security vulnerability when unsanitized user input is used while invoking `expressPlayground()`. [Read more below](#security-notes) | ||
@@ -36,3 +36,3 @@ ## Installation | ||
| All versions before `1.7.15` were vulnerable to user-defined input to `expressPlayground()`. Read more in [the security notes](https://github.com/prisma/graphql-playground/tree/master/SECURITY.md) | ||
| All versions before `1.7.16` were vulnerable to user-defined input to `expressPlayground()`. Read more in [the security notes](https://github.com/prisma/graphql-playground/tree/master/SECURITY.md) | ||
@@ -44,5 +44,5 @@ ### Security Upgrade Steps | ||
| **yarn:** | ||
| `yarn add graphql-playground-express@^1.7.15` | ||
| `yarn add graphql-playground-express@^1.7.16` | ||
| **npm:** | ||
| `npm install --save graphql-playground-express@^1.7.15` | ||
| `npm install --save graphql-playground-express@^1.7.16` |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by80.41%
6897
- Number of package files
- increased by20%
6
Dependency changes
+ Addedgraphql-playground-html@1.6.25(transitive)
- Removedgraphql-playground-html@1.6.22(transitive)