igor-vishnevsky
commented
1 year ago Or at least update the version to 2.88.2 https://github.com/coralogix/nodejs-coralogix-sdk/pull/23 because of CVE-2023-28155
Open ofekdeitch-oligo opened 1 year ago
igor-vishnevsky
commented
1 year ago Or at least update the version to 2.88.2 https://github.com/coralogix/nodejs-coralogix-sdk/pull/23 because of CVE-2023-28155
saharaquant
commented
1 year ago Can anyone from the team help? @juan-coralogix
geoynomous
commented
11 months ago request is deprecated 3 years - any plans to choose an alternative?
And in the same light: Snyk reports that tough-cookie@4.1.3 is also used by your 1.1.28 logger
royfur
commented
8 months ago New version was released that address the security vulnerability reported
According to their npm page: "As of Feb 11th 2020, request is fully deprecated. No new changes are expected land. In fact, none have landed for some time."
I think we ought to migrate to some other library that is still being actively maintained. Thanks 👍