Closed nytamin closed 4 years ago
request@2.74.0 has a dependency of tunnel-agent@0.4.1, which has a reported vulnerability (see https://nodesecurity.io/advisories/598).
This PR upgrades the dependency of request to latest, in which tunnel-agent also have been fixed.
Closing this as request is deprecated, so the proper solution would be to use another lib altogether.
request@2.74.0 has a dependency of tunnel-agent@0.4.1, which has a reported vulnerability (see https://nodesecurity.io/advisories/598).
This PR upgrades the dependency of request to latest, in which tunnel-agent also have been fixed.