Improve Security and Update Dependencies

js/server.js

@@ -12,6 +12,7 @@ var io = require("socket.io")(server);
 var path = require("path");
 var ipfilter = require("express-ipfilter").IpFilter;
 var fs = require("fs");
+var helmet = require("helmet");
 
 var Server = function(config, callback) {
 	console.log("Starting server op port " + config.port + " ... ");
@@ -27,6 +28,7 @@ var Server = function(config, callback) {
 			res.status(403).send("This device is not allowed to access your mirror. <br> Please check your config.js or config.js.sample to change this.");
 		});
 	});
+	app.use(helmet());
 
 	app.use("/js", express.static(__dirname));
 	app.use("/config", express.static(path.resolve(__dirname + "/../config")));

package.json

@@ -17,7 +17,9 @@
     "modular"
   ],
   "author": "Michael Teeuw",
-  "contributors": ["https://github.com/MichMich/MagicMirror/graphs/contributors"],
+  "contributors": [
+    "https://github.com/MichMich/MagicMirror/graphs/contributors"
+  ],
   "license": "MIT",
   "bugs": {
     "url": "https://github.com/MichMich/MagicMirror/issues"
@@ -27,23 +29,24 @@
     "grunt": "latest",
     "grunt-eslint": "latest",
     "grunt-jsonlint": "latest",
-    "grunt-markdownlint": "^1.0.4",
+    "grunt-markdownlint": "^1.0.13",
     "grunt-stylelint": "latest",
     "grunt-yamllint": "latest",
     "stylelint-config-standard": "latest",
     "time-grunt": "latest"
   },
   "dependencies": {
-    "electron": "^1.4.6",
+    "electron": "^1.4.7",
     "express": "^4.14.0",
     "express-ipfilter": "latest",
     "feedme": "latest",
+    "helmet": "^3.1.0",
     "iconv-lite": "latest",
     "moment": "latest",
-    "request": "^2.74.0",
+    "request": "^2.78.0",
     "rrule": "latest",
-    "simple-git": "^1.54.0",
+    "simple-git": "^1.62.0",
-    "socket.io": "^1.4.6",
+    "socket.io": "^1.5.1",
     "valid-url": "latest",
     "walk": "latest"
   }