From 8c6ebd586dc4ef9ec9e62bd01106fade655aa085 Mon Sep 17 00:00:00 2001 From: Mark Stemm Date: Fri, 26 Oct 2018 05:51:33 -0700 Subject: [PATCH] Update nodejs example (#449) Update the express version to mitigate some security vulnerabilities. Update the port to match the one used by demo.yml. Change to /usr/src/app so npm install works as expected. --- examples/nodejs-bad-rest-api/README.md | 4 ++-- examples/nodejs-bad-rest-api/demo.yml | 2 +- examples/nodejs-bad-rest-api/package.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/examples/nodejs-bad-rest-api/README.md b/examples/nodejs-bad-rest-api/README.md index fb254a97..25b42e61 100644 --- a/examples/nodejs-bad-rest-api/README.md +++ b/examples/nodejs-bad-rest-api/README.md @@ -42,7 +42,7 @@ This starts the following containers: Run the following commands to execute arbitrary commands like 'ls', 'pwd', etc: ``` -$ curl http://localhost:8080/api/exec/ls +$ curl http://localhost:8181/api/exec/ls demo.yml node_modules @@ -52,7 +52,7 @@ server.js ``` ``` -$ curl http://localhost:8080/api/exec/pwd +$ curl http://localhost:8181/api/exec/pwd .../examples/nodejs-bad-rest-api ``` diff --git a/examples/nodejs-bad-rest-api/demo.yml b/examples/nodejs-bad-rest-api/demo.yml index 00b45d2c..dcd9468f 100644 --- a/examples/nodejs-bad-rest-api/demo.yml +++ b/examples/nodejs-bad-rest-api/demo.yml @@ -1,7 +1,7 @@ express_server: container_name: express_server image: node:latest - command: bash -c "apt-get -y update && apt-get -y install runit && npm install && runsv /usr/src/app" + command: bash -c "apt-get -y update && apt-get -y install runit && cd /usr/src/app && npm install && runsv /usr/src/app" ports: - "8181:8181" volumes: diff --git a/examples/nodejs-bad-rest-api/package.json b/examples/nodejs-bad-rest-api/package.json index 7eb28410..35ec49ba 100644 --- a/examples/nodejs-bad-rest-api/package.json +++ b/examples/nodejs-bad-rest-api/package.json 
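Review bot: In the demo.yml hunk the new `command` still runs `npm install` on every container start, so the express release that actually runs is resolved at start time from the `~4.16.0` range rather than fixed by this commit. The diffstat shows no lockfile, so a later 4.16.x publish or a changed transitive dependency would be pulled in without review. Consider committing a `package-lock.json` and using `npm ci` in place of `npm install`. The `cd /usr/src/app &&` step could also be replaced by a `working_dir: /usr/src/app` key on the service, which keeps the command string shorter. The unchanged `image: node:latest` line has the same reproducibility problem, and pinning it to a specific tag would make the demo behave the same from run to run.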
@@ -2,6 +2,6 @@
 "name": "bad-rest-api",
 "main": "server.js",
 "dependencies": {
- "express": "~4.0.0"
+ "express": "~4.16.0"
 }
 }