winstonjs / node-loggly

A client implementation for Loggly in node.js
http://github.com/winstonjs/node-loggly

Dependent Lib: Request should upgrade to newer version #71

Open drawyan opened 7 years ago

drawyan commented 7 years ago

Problem: The current dependent lib version of `"request": "2.75.x"` has an old dependency on `aws-sign2: 0.6.0`, which has a serious bug with duplicated export names: https://github.com/request/aws-sign/issues/7

And this causes bundle tools such as rollup to fail, because they can't allow duplicated exports from the same module.

dogboydog commented 7 years ago

Another reason to do this: the version of request used has a vulnerable tough-cookie dependency.

https://nodesecurity.io/advisories/525

New version is available after this PR closed (https://github.com/salesforce/tough-cookie/issues/92). Please update so nsp check and other security tools can succeed without adding exceptions

mmukarram commented 6 years ago

Yet another reason: the 2.75.x version(s) of request uses a deprecated version of node-uuid which has now been transitioned to uuid. More on this change here: https://github.com/kelektiv/node-uuid/issues/142

Since there is already a pull request #75 for this, can it be merged?

GreenGremlin commented 6 years ago

And another...

The current pinned version of the request module has an ancestral dependency on a version of hoek that has a DDoS vulnerability.

Upgrading the request module to any version > 2.84.0 should suffice.

jimmywarting commented 6 years ago

hoek node module before 5.0.3 or 4.2.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability - updating request will maybe solve it
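The comments above give two concrete version thresholds: request must be above 2.84.0, and hoek is affected before 4.2.1 on the 4.x line or 5.0.3 on the 5.x line. The following is an added example, not code from node-loggly or from anyone in this thread: a small checker that walks a `package-lock.json` (lockfileVersion 1 shape, with nested `dependencies`) and reports every copy of those packages that sits below the threshold, together with the chain that pulls it in. The sample lock file and its intermediate packages (`hawk`, `boom`) are constructed for illustration; the real chain in an installed tree may differ, and the rule that hoek majors after 5 are fine is an assumption.

```javascript
// Added example: flag transitive dependency copies below the versions this
// thread names. Not part of node-loggly; the lock-file sample is constructed.

// Parse "MAJOR.MINOR.PATCH" (ignoring any prerelease/build suffix).
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Returns -1, 0 or 1 like a comparator, comparing numerically per component.
function compareVersions(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// One predicate per package: true when the installed version is acceptable.
const RULES = {
  // From the thread: any request version strictly greater than 2.84.0.
  request: (v) => compareVersions(v, '2.84.0') > 0,
  // From the thread: hoek is affected before 4.2.1 (4.x) or 5.0.3 (5.x).
  // Older majors are flagged; majors after 5 are assumed fixed (assumption).
  hoek: (v) => {
    const [major] = parseVersion(v);
    if (major === 4) return compareVersions(v, '4.2.1') >= 0;
    if (major === 5) return compareVersions(v, '5.0.3') >= 0;
    return major > 5;
  },
};

// Walk the nested "dependencies" maps of a lockfileVersion 1 file, keeping
// the path from the root so the report shows which top-level package drags
// in the outdated copy.
function findOutdated(lock, rules = RULES) {
  const findings = [];
  function walk(deps, path) {
    for (const [name, entry] of Object.entries(deps || {})) {
      const chain = [...path, `${name}@${entry.version}`];
      const accepted = rules[name];
      if (accepted && !accepted(entry.version)) {
        findings.push({ name, version: entry.version, path: chain.join(' > ') });
      }
      walk(entry.dependencies, chain);
    }
  }
  walk(lock.dependencies, []);
  return findings;
}

// Read and check a real lock file from disk.
function checkLockFile(file) {
  const fs = require('fs');
  return findOutdated(JSON.parse(fs.readFileSync(file, 'utf8')));
}

// Constructed sample: a pinned 2.75.x request that still pulls an old hoek
// through intermediate packages, next to a separately installed hoek 5.0.3
// that is fine. Intermediate package names and versions are illustrative.
const SAMPLE_LOCK = {
  lockfileVersion: 1,
  dependencies: {
    request: {
      version: '2.75.0',
      dependencies: {
        hawk: {
          version: '3.1.3',
          dependencies: {
            boom: { version: '2.10.1', dependencies: { hoek: { version: '2.16.3' } } },
          },
        },
      },
    },
    hoek: { version: '5.0.3' },
  },
};

// Human-readable lines, one per finding.
function report(lock) {
  return findOutdated(lock).map((f) => `${f.name}@${f.version} via ${f.path}`);
}

console.log(report(SAMPLE_LOCK).join('\n'));
```

Running it against the constructed lock prints two lines: the pinned `request@2.75.0` itself and the nested `hoek@2.16.3` reached through it, while the top-level `hoek@5.0.3` is accepted. Pointing `checkLockFile('./package-lock.json')` at a real project gives the same report for the installed tree; an empty result is what an `nsp check` style gate would want before the pin is considered resolved.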