Update dependencies and address security advisory. (#282)

* Update dependencies. * Add security warning. * Version bump 0.6.1. * Upgrade distro on Travis
westy92 · Aug 15, 2020 · 3e281d6 · 3e281d6
1 parent 96e7ddd
commit 3e281d6
Show file tree

Hide file tree

Showing 5 changed files with 5,706 additions and 11 deletions.
diff --git a/.appveyor.yml b/.appveyor.yml
@@ -5,7 +5,7 @@ clone_depth: 5
 
 environment:
   matrix:
-    - nodejs_version: 13
+    - nodejs_version: 14
     - nodejs_version: 12
     - nodejs_version: 10
 

diff --git a/.travis.yml b/.travis.yml
@@ -4,9 +4,12 @@ if: tag IS blank
 os:
   - linux
   - osx
-dist: trusty
+dist: xenial
 sudo: required
 
+services:
+  - xvfb
+
 git:
   depth: 5
 
@@ -26,7 +29,7 @@ after_success:
 
 language: node_js
 node_js:
-  - 13
+  - 14
   - 12
   - 10
 

diff --git a/README.md b/README.md
@@ -22,6 +22,10 @@ HTML to PDF converter via Chrome/Chromium.
 npm install --save html-pdf-chrome
 ```
 
+## Security
+
+This library is **_NOT_** meant to accept untrusted user input. Doing so may have serious security risks such as Server-Side Request Forgery (SSRF).
+
 ## Usage
 
 __Note:__ It is _strongly_ recommended that you keep Chrome running side-by-side with Node.js.  There is significant overhead starting up Chrome for each PDF generation which can be easily avoided.