Vulnerability for ip 2.0 package in socks-proxy-agent

[enfcyco]

Vulnerability for ip package in socks-proxy-agent. Can that removed and propagated up through the packages that use it?

This issue was changed to be a problem in IP 2.0 also.

https://github.com/advisories/GHSA-78xj-cgh5-2h22

Thanks

[invaderb]

This is due to the dependency on socks which has the dependency on the vulnerable ip package. in socks 2.7.3 they removed the ip dependency

https://github.com/JoshGlazebrook/socks/releases/tag/2.7.3

[TooTallNate]

This was already fixed in https://github.com/TooTallNate/proxy-agents/pull/281.