podio / podio-js

Official Podio JavaScript SDK for node and the browser
http://podio.github.io/podio-js/
MIT License
45 stars 49 forks

High Pri Security vulnerability with lodash #60

Open snayagar opened 5 years ago

snayagar commented 5 years ago

Hey guys,

I just installed this lib and npm spotted this high pri security issue:

https://www.npmjs.com/advisories/1065

Its recommendation is to upgrade lodash to >=4.17.12

dmatteo commented 4 years ago

@snayagar this repo is not maintained anymore

kYem commented 4 years ago

@dmatteo is there another js repo that is maintained? Or the js support is not available anymore?

dmatteo commented 4 years ago

AFAIK no sdk is maintained by Citrix anymore (see https://github.com/podio/podio-js/issues/58#issuecomment-408406544)

If you care to maintain it, you should build a strong case and bring it up to Citrix that you will take over maintenance for the project (like what happened with podio-php)

Best of luck to you!

On Mon, Dec 16, 2019, 7:57 AM Kestutis Kasiulynas notifications@github.com wrote:

@dmatteo https://github.com/dmatteo is there another js repo that is maintained? Or the js support is not available anymore?
