Closed rajarv closed 4 years ago
luisnaranjo733
commented
5 years ago @TooTallNate could you please review? We need this fix to get merged and published to unblock other packages that depend on this package so that they can do the same.
react-native-code-push ==> code-push ==> superagent-proxy
luisnaranjo733
commented
5 years ago Actually, on closer inspection it looks like this PR is redundant and can be closed. superagent-proxy requires "proxy-agent@3", which is already wide. The version of proxy-agent with the fix is 3.1.1, which is already covered by "proxy-agent@3".
If you don't see https-proxy-agent@3 in your node_modules already, then it's probably because of our package-lock.json or yarn.lock. In my case, all I needed to do was re-install the dependency that included superagent-proxy to refresh the dependency graph and get https-proxy-agent@3.
Thanks for the fix @TooTallNate!
@TooTallNate Please merge and publish to avoid MitM Vulnerability.