Hello,
In a project I am working on we're using node-red in order to extend project's capabilities.
The final docker image is scanned with different tools to identify security vulnerabilities, and one of reported high vulnerabilities is related to ws 1.1.5 library (a dependency of node-red).
Deatils can be found here: https://www.npmjs.com/advisories/550
What would be the impact of upgrading ws from 1.1.5 to a non-vulnerable version ( minimum 3.3.1, latest version is 6.2.0 ) ?