Closed roelsgaard closed 4 years ago
Hey @roelsgaard , thanks for pointing that out. We will be replacing node-df shortly.
Hi @roelsgaard ! We'll remove node-df
this week. I'll make a note to let you know once we release a new version of the agent. Thanks again for opening this issue!
Hey! We've released anew version of the agent without the node-df
dependency. Closing this issue.
It looks like you use node-df. However node-df has a serious vulnerability for command injections and currently there are no fix fo this. I would strongly suggest to find an alternative or leave out the package altogether until it is fixed. https://www.npmjs.com/advisories/1431