Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

restler dependency is very outdated #49

Closed
matthewmayer opened this issue Jul 26, 2021 · 1 comment · Fixed by #50
Closed

restler dependency is very outdated #49

matthewmayer opened this issue Jul 26, 2021 · 1 comment · Fixed by #50

Comments

@matthewmayer
Copy link

Client version

4.3.2

Expected behaviour

installing sendwithus installs a minimal number of packages.

Actual behaviour

npm i sendwithus depends on restler, which hasnt been updated for 6 years, and depends on a large number of packages, many of which report security issues.

up to date, audited 314 packages in 8s

33 vulnerabilities (11 low, 13 moderate, 8 high, 1 critical)

To address all issues, run:
  npm audit fix

Suggest to switch from restler to something like node-fetch

Steps to reproduce

npm i sendwithus
@dlsteuer
Copy link

@matthewmayer thanks for bringing this to our attention, we'll slot this in an upcoming sprint to update.

@rob-swu rob-swu mentioned this issue Aug 9, 2021
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

remove restler dependency and replace with node-fetch sendwithus/sendwithus_nodejs
2 participants
@matthewmayer @dlsteuer