You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
On Wed, Oct 9, 2019, 05:15 Kamil Ogórek ***@***.***> wrote:
Closed #2260 <#2260>
via #2262 <#2262>.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#2260?email_source=notifications&email_token=AAFDMNAAZUQE6P2EOKHQXULQNW4MTA5CNFSM4I6TQEI2YY3PNVWWK3TUL52HS4DFWZEXG43VMVCXMZLOORHG65DJMZUWGYLUNFXW5KTDN5WW2ZLOORPWSZGOUDM3LOY#event-2698622395>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAFDMNGLVN44XGUQHT3OZTDQNW4MTANCNFSM4I6TQEIQ>
.
Yesterday a patch and new release for node-https-proxy-agent was released, which fixes a Man-in-the-middle vulnerability:
https://github.com/TooTallNate/node-https-proxy-agent/releases/tag/3.0.0
TooTallNate/proxy-agents#77
The node sentry version relies on version 2.2.1:
https://github.com/getsentry/sentry-javascript/blob/master/packages/node/package.json#L24
Unfortunately this vulnerability is causing a build failure in one of our projects because Snyk complains about the vulnerability:
https://snyk.io/vuln/SNYK-JS-HTTPSPROXYAGENT-469131
It would be great to get sentry using the new version of node-https-proxy-agent so we could just update sentry to fix the build failure.
The text was updated successfully, but these errors were encountered: