Hi, thanks for this package!
I think your dependency request uses a version of http-signature that has a security vulnerability:
Severity: Medium
Description: Versions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation.
Publish date: 2019-12-30
Resolution: Upgrade to version kind-of - 6.0.3
request is now deprecated so won't take the fix.
Do you plan to switch from request to something else? (Another node kube client is considering this, but hasn't done so yet)
If you did, this would allow us to use this module
Hi, thanks for this package!
I think your dependency
requestuses a version ofhttp-signaturethat has a security vulnerability:requestis now deprecated so won't take the fix.Do you plan to switch from
requestto something else? (Another node kube client is considering this, but hasn't done so yet)If you did, this would allow us to use this module