Remove stringjs dependency due to vulnerability in string 3.3. It is used so little there is no need for the extra dependency in Swagger-tools.

skillsoftstevemarusa · skillsoftstevemarusa · commit 212f14a99b92 · 2017-10-17T18:38:16.000-04:00
Source: CERT Name: https://nodesecurity.io/advisories/536 Url: https://nodesecurity.io/advisories/536 Source: CERT Name: jprichardson/string.js#212 Url: jprichardson/string.js#212
diff --git a/bin/swagger-tools b/bin/swagger-tools
@@ -35,9 +35,13 @@ var path = require('path');
 var pkg = require('../package.json');
 var program = require('commander');
 var request = require('superagent');
-var S = require('string');
 var YAML = require('js-yaml');
 
+String.prototype.padRight = function (length) {
+  var pad = Array(256).join(' ');
+  return (this + pad).substring(0, length);
+};
+
 var exitWithError = function (msg) {
   console.error();
   console.error('  error: ' + msg);
@@ -222,8 +226,8 @@ program
     console.log('Swagger ' + version + ' Information:');
     console.log();
 
-    console.log('  ' + S('documentation url').padRight(paddingAmount).s + spec.docsUrl);
-    console.log('  ' + S('schema(s) url').padRight(paddingAmount).s + spec.schemasUrl);
+    console.log('  ' + 'documentation url'.padRight(paddingAmount) + spec.docsUrl);
+    console.log('  ' + 'schema(s) url'.padRight(paddingAmount) + spec.schemasUrl);
     console.log();
   });
 
diff --git a/package.json b/package.json
@@ -79,7 +79,6 @@
     "qs": "^6.0.3",
     "serve-static": "^1.10.0",
     "spark-md5": "^3.0.0",
-    "string": "^3.3.0",
     "superagent": "^3.5.2",
     "swagger-converter": "^0.1.7",
     "traverse": "^0.6.6",
