Skip to content

update request to 2.74.x to patch vulnerability in 2.67.x #60

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 28, 2016
Merged

update request to 2.74.x to patch vulnerability in 2.67.x #60

merged 1 commit into from
Jul 28, 2016

Conversation

jshimko
Copy link
Contributor

@jshimko jshimko commented Jul 23, 2016

The current version of request that this package depends on has a vulnerability that has been patched in a later version. This upgrades to the latest.

More info: https://snyk.io/vuln/npm:request:20160119

@tobiasc tobiasc mentioned this pull request Jul 25, 2016
Open
@jshimko jshimko mentioned this pull request Jul 27, 2016
Closed
@indexzero indexzero merged commit ce605ad into winstonjs:master Jul 28, 2016
@jshimko
Copy link
Contributor Author

jshimko commented Jul 28, 2016

Thanks!

@jshimko jshimko deleted the request-upgrade branch July 29, 2016 05:25
@jshimko
Copy link
Contributor Author

jshimko commented Jul 29, 2016

Would you mind pushing this update to NPM when you have a moment? Thanks!

@aaronjudd
Copy link

@indexzero any news of when this will be pushed? we need this dependency updated to get bunyan-loggly passing security checks...

@deyhle
Copy link

deyhle commented Aug 23, 2016

+1 for a new version on npm

@jshimko jshimko mentioned this pull request Aug 25, 2016
Closed
@gavacho
Copy link

gavacho commented Aug 29, 2016

Need this published to npm

benjaminpearson pushed a commit to inlight-media/winston-loggly that referenced this pull request Sep 13, 2016
Use patched commit of node loggly library
8a5f5de 
Waiting for node loggly library to be published to npm before this can
be done without referencing the github commit. Check
winstonjs/node-loggly#60 for status update on
whether it has been published.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jshimko @aaronjudd @deyhle @gavacho @indexzero