Open ofekdeitch-oligo opened 1 year ago
Or at least update the version to 2.88.2
https://github.com/coralogix/nodejs-coralogix-sdk/pull/23 because of CVE-2023-28155
Can anyone from the team help? @juan-coralogix
request is deprecated 3 years - any plans to choose an alternative?
And in the same light: Snyk reports that tough-cookie@4.1.3 is also used by your 1.1.28 logger
New version was released that address the security vulnerability reported
According to their npm page: "As of Feb 11th 2020, request is fully deprecated. No new changes are expected land. In fact, none have landed for some time."
I think we ought to migrate to some other library that is still being actively maintained. Thanks 👍