New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update request to 2.88 #2496
Comments
PRs welcome. If CI is happy we're happy to merge it.
…On Sat., 15 Sep. 2018, 1:26 am Yoann Colin, ***@***.***> wrote:
The package extend 3.0.1, which is a dependency of request 2.87 has a
vulnerability :
https://hackerone.com/reports/381185
Is it possible to upgrade ro request 2.88 which has fix his own
package.json to use the fixed extend 3.0.2 ?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#2496>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAjZWFBsVdY4HjaxZHP6bwms8C295ohiks5ua8qvgaJpZM4Wpewd>
.
|
The package `extend 3.0.1`, which is a dependency of `request 2.87` has a vulnerability : https://hackerone.com/reports/381185 Upgrade `request` to v.2.88 will install `extend` v.3.0.2, the fixed version. Fix #2496
Is there a release with this fix? |
Not yet. I don't know who can make a new release. |
@xzyfer Is there a release planned with this fix? I'd like to use a release instead of a git commit in my package.json. |
Sorry to do this, but: @xzyfer @andre @deanmao @bwilkins @keithamus @LaurentGoderre @nschonni @adamyeats @am11 Can someone please release this to npm? |
v4.9.4 released |
angular/angular#21202
Can you suggest how we can fix this for |
The version of |
Thanks @nschonni, your suggestion worked perfectly! I'm certainly impressed by the quick turnaround of the contributors of this project :) |
Implement exponents for numbers
The package
extend 3.0.1
, which is a dependency ofrequest 2.87
has a vulnerability :https://hackerone.com/reports/381185
Is it possible to upgrade ro
request 2.88
which has fix his ownpackage.json
to use the fixedextend 3.0.2
?The text was updated successfully, but these errors were encountered: