Nightwatch: High vulnerability in nightwatch @ 1.6.1

Created on 30 Mar 2021  路  6Comments  路  Source: nightwatchjs/nightwatch

image

I will check possible updates.

picture deleonio
👍5

Most helpful comment

I just released v1.6.2.

picture beatfactor on 6 Apr 2021
🎉2

All 6 comments

I don't see how we can fix this until the proxy package is upgraded. Or am I not aware of something? In the next major version I think the proxy should not be a dependency of nightwatch.

beatfactor picture beatfactor on 1 Apr 2021

@beatfactor The proxy package has been upgraded. Specifically, pac-resolver was upgraded to use a new version of netmask in 4.1.1, and pac-proxy-agent and proxy-agent do not need to be upgraded to pull in the fix because their dependency version ranges allow the patch update. What remains is for Nightwatch to upgrade the proxy-agent dependency version range from ^3.1.1 to something that includes at least 4.0.1.

IceCreamYou picture IceCreamYou on 1 Apr 2021

Added proxy-agent 4.0.1 in main branch.

beatfactor picture beatfactor on 2 Apr 2021
🎉2

Thank you for fixing this. When can we expect new version release with this hotfix?

lattam picture lattam on 6 Apr 2021

I just released v1.6.2.

beatfactor picture beatfactor on 6 Apr 2021
🎉2

Thank you very much!

deleonio picture deleonio on 7 Apr 2021
Was this page helpful?
0 / 5 - 0 ratings

Related issues

betweenbrain picture betweenbrain  路  4Comments
Pieras2 picture Pieras2  路  3Comments
aking1012 picture aking1012  路  4Comments
gary5 picture gary5  路  4Comments
MateuszJeziorski picture MateuszJeziorski  路  3Comments