From 780a8ca1017be7d855577c6f476b66e5d301cdc0 Mon Sep 17 00:00:00 2001
From: Joe Fleming <w33ble@users.noreply.github.com>
Date: Wed, 27 Sep 2017 08:57:21 -0700
Subject: [PATCH] Update helmet and compression

Alternative to https://github.com/w33ble/customer-manager-vue-demo/pull/4

Both older versions had a ReDoS vulnerable version of debug.
---
 package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index b152058..f03d20a 100644
--- a/package.json
+++ b/package.json
@@ -11,9 +11,9 @@
     "start": "NODE_ENV=production node ."
   },
   "dependencies": {
-    "compression": "^1.0.3",
+    "compression": "^1.7.1",
     "cors": "^2.5.2",
-    "helmet": "^3.6.1",
+    "helmet": "^3.8.2",
     "isarray": "~1.0.0",
     "loopback": "^3.0.0",
     "loopback-boot": "^2.6.5",