Closed lalexl closed 4 months ago
Latest commit: b5729cbb8851e414af881f3a86bf27e241fbee58
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
Click here to learn what changesets are, and how to add one.
Click here if you're a maintainer who wants to add a changeset to this PR
The latest updates on your projects. Learn more about Vercel for Git ↗︎
Name | Status | Preview | Updated (UTC) |
---|---|---|---|
proxy-agents | ❌ Failed (Inspect) | Feb 15, 2024 5:06am |
This is not necessary. Run npm upgrade
in your project to update the dependencies.
@TooTallNate would you please consider upgraded release of `socks-proxy-agent with updated socks? this is nested in npm distribution:
├─┬ make-fetch-happen@13.0.0
│ ├─┬ @npmcli/agent@2.1.1
│ │ ├─┬ http-proxy-agent@7.0.0
│ │ │ ├─┬ agent-base@7.1.0
│ │ │ │ └── debug@4.3.4 deduped
│ │ │ └── debug@4.3.4 deduped
│ │ ├─┬ https-proxy-agent@7.0.1
│ │ │ ├── agent-base@7.1.0 deduped
│ │ │ └── debug@4.3.4 deduped
│ │ ├── lru-cache@10.0.1 deduped
│ │ └─┬ socks-proxy-agent@8.0.1
│ │ ├── agent-base@7.1.0 deduped
│ │ ├── debug@4.3.4 deduped
│ │ └─┬ socks@2.7.1
│ │ ├── ip@2.0.0
I won't, because the semver range on that dependency is already loose enough to allow for the installation of socks@2.7.3
. Please run npm upgrade
or the equivalent for the package manager that you are using in order to update those nested dependencies.
socks 2.7.1 depends on ip 2.0.0 impacted by Critical https://github.com/advisories/GHSA-78xj-cgh5-2h22 socks 2.7.3 removes dependency on ip