commons-server using vulnerable package bson-objectid v2.0.3

**Describe the bug**

@mockoon/commons-server currently uses a dependency [bson-objectid v2.0.3](https://github.com/williamkapke/bson-objectid).
According to npm [v2.0.3](https://www.npmjs.com/package/bson-objectid) is the latest version.

This version contains vulnerable code which gets flagged by some security scanners.
The vulnerability in mind is the following:
[security.snyk.io/vuln/SNYK-JS-BSONOBJECTID-570765](https://security.snyk.io/vuln/SNYK-JS-BSONOBJECTID-570765)

I know this package is used in a very minimal way to allow creation of IDs in templates, but it would be nice to either move away from using this package or get some support for the currently open PR for this fix (this [PR](https://github.com/williamkapke/bson-objectid/pull/34) has been opened since 2020 so doubt that much will happen soon).

**Mockoon version**
cli - 2.1.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

commons-server using vulnerable package bson-objectid v2.0.3 #829

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

commons-server using vulnerable package bson-objectid v2.0.3 #829

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions