crisp-im / node-crisp-api

:zap: Crisp API Node Wrapper
https://docs.crisp.chat/guides/rest-api/
MIT License
99 stars 38 forks source link

Critical issue with socket-io #47

Closed riepmore closed 1 year ago

riepmore commented 1 year ago

Hello,

Our NPM audit say this in the current version of the SDK.

Screenshot 2022-12-08 at 12 00 44

After seeing the advisories [https://www.npmjs.com/advisories/1085044], it seems pretty serious, npm suggests to install the crisp-api >=5.2.0 to solve this issue but we don't want to downgrade either.

Is there's something we can do ? Thanks.

valeriansaliou commented 1 year ago

Hello there,

We heavily recommend upgrading to the latest version of our library. Please refer to the breaking changes here: https://github.com/crisp-im/node-crisp-api/blob/master/CHANGELOG.md

Which version are you running?