This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
Proposed solution (optional)
There are newer versions of rimraf (https://github.com/isaacs/rimraf) available that require newer versions of glob, which don't have the transitive dependency on inflight.
Note that to remove inflight entirely, this related issue would also need to be addressed: #495
I understand that this may be a lower priority task, just noting it for consideration. Thank you!
Is there an existing issue for this?
Use case description
My team is required to run Snyk vulnerability scanning on our dependencies, and Snyk highlights the following series of dependencies:
serverless-python-requirements@6.1.0 › rimraf@3.0.2 › glob@7.2.3 › inflight@1.0.6
Inflight (https://www.npmjs.com/package/inflight) brings up a vulnerability finding in Snyk (https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) and is also deprecated:
Proposed solution (optional)
There are newer versions of rimraf (https://github.com/isaacs/rimraf) available that require newer versions of glob, which don't have the transitive dependency on inflight.
Note that to remove inflight entirely, this related issue would also need to be addressed: #495
I understand that this may be a lower priority task, just noting it for consideration. Thank you!