Security: Update request package to fix SSRF vulnerability

## Description
The request package has a medium severity SSRF (Server-Side Request Forgery) vulnerability that could allow malicious requests.

## Details
- This vulnerability affects the project through transitive dependencies
- Dependabot has flagged this as alert #6
- The vulnerability is in request <= 2.88.2, with no patched version available
- Current dependency tree contains request@2.88.2

## Proposed Solution
Since request is deprecated and no longer maintained, we should consider:

1. Adding an override/resolution for request that forces the latest version
2. Identifying direct dependencies that use request and updating them to use alternatives
3. If possible, replace request with a maintained alternative like node-fetch, axios, or got

## References
- GHSA-p8p7-x288-28g6
- https://github.com/advisories/GHSA-p8p7-x288-28g6


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security: Update request package to fix SSRF vulnerability #16

Description

Details

Proposed Solution

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Security: Update request package to fix SSRF vulnerability #16

Description

Description

Details

Proposed Solution

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions