Bump request version to most recent

jmreyes / passport-google-id-token

Google ID token authentication strategy for Passport and Node.js.

MIT License

44 stars 22 forks source link

Bump request version to most recent #22

Closed joeherm closed 7 years ago

joeherm commented 7 years ago

Sorry to open another PR for this! I had bumped to the minimum request version that would solve that vulnerability, but there have actually been other vulnerabilities in request and its dependencies since then, for example (https://nodesecurity.io/advisories/130).

I've bumped to the newest version of request since it solves all these issues and still passes tests.

jmreyes commented 7 years ago

On the contrary, thanks to you for keeping an eye on this! Good to know that there are at least some concerned devs that help by notifying this sort of issues that can sometimes be difficult to keep track of...