CurrencyCloud / currencycloud-js

MIT License
20 stars 25 forks source link

Security warnings on installation. #90

Open ermi-ltd opened 1 year ago

ermi-ltd commented 1 year ago

Hi,

While reviewing our logs we have noticed that the currencycloud-js SDK has been triggering a security warning when installed:

$ npm install currency-cloud@4.5.0 --save

changed 1 package, and audited 492 packages in 1s

54 packages are looking for funding
  run `npm fund` for details

5 moderate severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

Would it be possible to migrate away form the deprecated dependency so the application does not trigger security warnings?

Cheers,

Jamie

jonathancouchman commented 1 year ago

Thank you for raising this issue, we will take a look