search

winstonjs / node-loggly

A client implementation for Loggly in node.js
http://github.com/winstonjs/node-loggly
Other
233 stars 81 forks source link

Upgrade request dependency version #57

Open mlingner opened 8 years ago

mlingner commented 8 years ago

The request version being used right now is vulnerable to the issue discussed here: https://snyk.io/vuln/npm:request:20160119. It should be updated to 2.69.x. Thanks!

tobiasc commented 8 years ago

This issue is increasingly relevant, since the current version of request@2.67.x has a further vulnerability from it's tough-cookie dependency (https://nodesecurity.io/advisories/130, fixed in request@2.74.x).

This PR seems to fix it: https://github.com/winstonjs/node-loggly/pull/60