the dependency proxy-agent has been renamed, The new is no longer dependent socks-proxy-agent.

microsoft / code-push

A cloud service that enables Cordova and React Native developers to deploy mobile app updates directly to their users’ devices.

https://microsoft.github.io/code-push/

Other

4.37k stars 501 forks source link

the dependency proxy-agent has been renamed, The new is no longer dependent socks-proxy-agent. #837

Closed daltachange closed 7 months ago

daltachange commented 9 months ago

link: https://github.com/TooTallNate/proxy-agents/releases

proxy-agents's dependency -> socks-proxy-agent 8.0.2 socks-proxy-agent's dependency -> "socks": "^2.7.1" socks's dependency -> ip: 2.0.0 the module ip is not safe.

Can you update the dependencies.

MikhailSuendukov commented 8 months ago

Hello and thanks for reaching out to us! I apologize for the long delay, could you please point which vulnerability you are referring to?

DmitriyKirakosyan commented 7 months ago

ip's vulnerability was fixed in https://github.com/microsoft/code-push/pull/838. Closing.