-
Notifications
You must be signed in to change notification settings - Fork 760
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade superagent #813
Upgrade superagent #813
Conversation
Can we get this one merged soon? It looks good. |
@titanism Any chance we could get this merged? It closes CVE-2022-25901 which has been up for way too long. |
Maybe @yunnysunny or @lamweili ? |
I do not have the permission. And the bumped dependencies is development dependencies. |
I agree with @yunnysunny. The CVE-2022-25901 affects
So there shouldn't be any vulnerabilities, as the versioning is not fixed at So I am unsure why there is any urgency for this version bump. |
@lamweili In our case we need to have no CVE's in our code repository for compliancy reasons with a local regulatory body. It's no biggie though, we'll just move off of supertest. |
I don't quite understand how the CVE exist in your code repository. I'm guessing your Line 9 in ffb96df
It's strange why
|
@titanism, what's your take on this? Maybe we should remove For the weird resolution issue, we can also defensively up to |
@cupofjoakim, your issue should have been resolved. @titanism, thanks for the release! |
That did it, thank you very much! |
Great to hear! |
Checklist
#812