This PR changes Package.json to upgrade request to the newer 2.74.0 version, and will fix the vulnerability listed above.
You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.
Note this PR fixes all the vulnerabilities introduced trough request dependency, in order to be vulnerability free you will need to upgrade octocat,analytics-node and body-parser dependencies as well.
Hi, I merged the project to a new repo to start maintain it, I would be glad if you can put your pull request here : https://github.com/loprima-l/nuts-2
nuts currently has a 5 vulnerable dependency paths, introducing 2 different types of known vulnerabilities.
This PR fixes vulnerable dependency, remote memory exposure vulnerability in the
request
dependency.You can see Snyk test report of this project for details.
This PR changes
Package.json
to upgraderequest
to the newer 2.74.0 version, and will fix the vulnerability listed above. You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.Note this PR fixes all the vulnerabilities introduced trough
request
dependency, in order to be vulnerability free you will need to upgradeoctocat
,analytics-node
andbody-parser
dependencies as well.Stay Secure, The Snyk Team