search

ladjs / superagent

Ajax for Node.js and browsers (JS HTTP client). Maintained for @forwardemail, @ladjs, @spamscanner, @breejs, @cabinjs, and @lassjs.
https://ladjs.github.io/superagent/
MIT License
16.59k stars 1.33k forks source link

`npm audit` security alert - patch versions #1551

Closed SimonGoring closed 4 years ago

SimonGoring commented 4 years ago

On running npm audit this warning appears:

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Denial-of-Service Extended Event Loop Blocking               │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ qs                                                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >= 1.x                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ apoc                                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ apoc > superagent > qs                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/28                              │
└───────────────┴──────────────────────────────────────────────────────────────┘
niftylettuce commented 4 years ago

This will be fixed in latest release v6.0.0 later today.