tobiasdroste
commented
3 years ago request also introduces a transitive dependency to json-schema@0.2.3 which contains a CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3918
Open tapiau opened 3 years ago
tobiasdroste
commented
3 years ago request also introduces a transitive dependency to json-schema@0.2.3 which contains a CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3918
AlexandruHoisan
commented
2 years ago are there any intentions of moving away from request and find a suitable replacement?
sthompson-celerity
commented
2 years ago If I were to submit a pull request for this would it actually be considered?
dshakya
commented
2 years ago Any update on this one? Using deprecated dependency doesn't sound good.
simon-biber
commented
1 year ago The recently found vulnerability CVE-2023-28155 in the 'request' package is detected as a dependency vulnerability by OWASP Dependency Check.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142