dependencies upgrade of module superagent due to a public vulnerability #410
Labels
type: security
Security issues/fixes.
Comments
|
Thanks for creating the issue @bhavishraj - we've been waiting for superagent to resolve their security issue but took a while due their package dependency chain. |
|
Hi @bhavishraj - libhoney 4.3.0 has now been released with the updated superagent dependency. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Versions
Description
Dependent module superagent had a public vulnerability with formidable dependency in version 8, and hence have released v9.0.0+ with the fix.
More info is present in the link: ladjs/superagent#1800
Can you please look into it and upgrade dependency for superagent accordingly.
(Please include any relevant CVE advisory links)
The text was updated successfully, but these errors were encountered: