search

ladjs / superagent

Ajax for Node.js and browsers (JS HTTP client). Maintained for @forwardemail, @ladjs, @spamscanner, @breejs, @cabinjs, and @lassjs.
https://ladjs.github.io/superagent/
MIT License
16.58k stars 1.33k forks source link

superagent dependancy package semver latest version is not upgrading for yarn install #1770

Closed nusureshb05 closed 1 year ago

nusureshb05 commented 1 year ago

Node version:v16.20.0

OS version: Mac ventura 13.3.1

Description: We are upgrading the latest version of superagent 8.0.9 in package.json and ran npm/yarn install command. It's dependancy package semver latest version 7.5.3 is not showing but getting 7.3.8. We need the latest version 7.5.3 for fixing the security vulnerability issue. Please help us to get the latest version for dependant package semver 7.5.3

I have checked with the latest node version 18.16.1 also but semver package is getting the version 7.5.3

Madhust commented 1 year ago

I have added a PR to use semver@7.5.*. It would be great if you guys take a peek at it.

https://github.com/ladjs/superagent/pull/1771

titanism commented 1 year ago

This is not a vulnerability.