Closed crudo closed 2 years ago
Thanks @crudo for launching this PR. Snyk has identified a vulnerability with VM 3.9.3 package version. So hoping for you to merge this PR soon ?
@TooTallNate This is also being reported as a critical vulnerability in our dependency chain, affecting the following packages:
superagent-proxy@3.0.0
› proxy-agent@5.0.0
› pac-proxy-agent@5.0.0
› pac-resolver@5.0.0
› degenerator@3.0.1
› vm2@3.9.4
vm2@3.9.5 (and, more recently, vm2@3.9.6) contain security fixes. Any chance we could bump the vm2 dependency here?
https://security.snyk.io/vuln/SNYK-JS-VM2-1585918