-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vulnerabilities in dependencies #63
Comments
Thanks for the heads up @Berkmann18! This is our backlog for a fix; however, PRs are always welcome :) |
I'm currently updated the relevant changes but after running
So here's the output of the test (after updating the
|
Other than that ^, I get this after running
|
Those files are ok that they are failing, this is a result of us having PRs left over from Hacktoberfest. If the other tests are passing, we are g2g |
So can I submit a PR without worrying about those fails? |
Yes and thank you! |
License date changed to an up-to-date one This commit should resolve sendgrid#25 and sendgrid#63.
Since these vulnerabilities regarding the aforementioned dependencies were resolved, I'm closing this issue. |
Thanks @Berkmann18! |
After running an NSP scan, I discovered that this package was using vulnerable versions of both
qs
andmime
that needs to be updated to version v7 and v2.0.3 respectively.Sources:
https://nodesecurity.io/advisories/535
The text was updated successfully, but these errors were encountered: