Closed
Description
The Request.js library has been deprecated (see request/request#3142), and is actively pushing folks to use other libraries (see request/request#3143).
There's currently a security vulnerability via request's dependencies, making it even more important to move to a more supported library.
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate │ json-schema is vulnerable to Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ json-schema │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.4.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ swagger-stats │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ swagger-stats > request > http-signature > jsprim > │
│ │ json-schema │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://github.com/advisories/GHSA-896r-f27r-55mw │
└───────────────┴──────────────────────────────────────────────────────────────┘