Closed bhavishraj closed 3 months ago
Thanks for creating the issue @bhavishraj - we've been waiting for superagent to resolve their security issue but took a while due their package dependency chain.
Hi @bhavishraj - libhoney 4.3.0 has now been released with the updated superagent dependency.
Versions
Description
Dependent module superagent had a public vulnerability with formidable dependency in version 8, and hence have released v9.0.0+ with the fix. More info is present in the link: https://github.com/ladjs/superagent/pull/1800 Can you please look into it and upgrade dependency for superagent accordingly. (Please include any relevant CVE advisory links)