Netmask vulnerability
yinzara opened this issue · comments
Matthew Vance commented
https://www.npmjs.com/advisories/1658
This library uses the "pac-resolver" package which currently has an open PR to upgrade netmask
to 2.0.1
TooTallNate/node-pac-resolver#25
Once this is closed and a new version released, this project will also need to update.
Juan Ignacio Restrepo commented
@yinzara TooTallNate/node-pac-resolver#25 was merged yesterday. It seems that this project won't need the update, since pac-resolver released a new patch version. It should get picked up automatically by pac-proxy-agent.
Nathan Rajlich commented
@juan-restrepo Is correct, the semver range allows for the new 4.1.1
to be picked up. Please run yarn upgrade
or equivalent.