You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As stated in #123 there was a security vulnerability down the dependency tree.
Unfortunately the well known but already deprecated library [email protected] depends on "http-signature": "~1.2.0".
As you might be aware, there are still many (open source) packages out there which have not replaced request with a more up2date http client.
I am aware that this is not a long-term solution/fix but I kindly ask if there is any possibility to back-port the jsprim update from #123 / #125 to a version 1.2.1?
The text was updated successfully, but these errors were encountered:
As stated in #123 there was a security vulnerability down the dependency tree.
Unfortunately the well known but already deprecated library
[email protected]
depends on"http-signature": "~1.2.0"
.As you might be aware, there are still many (open source) packages out there which have not replaced request with a more up2date http client.
I am aware that this is not a long-term solution/fix but I kindly ask if there is any possibility to back-port the jsprim update from #123 / #125 to a version 1.2.1?
The text was updated successfully, but these errors were encountered: