Upgrade and temporarily comment vulnerable dependency (#48)