Fix insecure dependency

Chetan Karande · Chetan Karande · commit c57d2688aaf2 · 2018-02-12T18:40:16.000-05:00
diff --git a/package.json b/package.json
@@ -14,16 +14,14 @@
     "express-session": "^1.13.0",
     "forever": "^0.15.1",
     "helmet": "^2.0.0",
-    "marked": "0.3.5",
+    "marked": "0.3.9",
     "mongodb": "^2.1.18",
     "node-esapi": "0.0.1",
     "serve-favicon": "^2.3.0",
     "swig": "^1.4.2",
     "underscore": "^1.8.3"
   },
   "comments": {
-    "//": "do not upgrade the marked package version it is set by purpose",
-    "//": "to be a vulnerable package to demonstrate an xss introduced through",
     "//": "a9 insecure components"
   },
   "engines": {
