This package uses an outdated version of superagent in v5 which is almost 5 years old. Superagent v10 is now available containing CVE fixes.
Installing this package results in two npm WARN deprecated messages, resulting in 7 low severity vulnerabilities.
$ npm i shutterstock-api
npm WARN deprecated formidable@1.2.6: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated superagent@5.3.1: Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net
added 37 packages in 2s
7 low severity vulnerabilities
$ npm ls superagent
[redacted]@1.0.0 [redacted]
└─┬ shutterstock-api@1.1.41
└── superagent@5.3.1
$ npm ls formidable
[redacted]@1.0.0 [redacted]
└─┬ shutterstock-api@1.1.41
└── superagent@5.3.1
Would an update to superagent@latest be possible?
This package uses an outdated version of superagent in v5 which is almost 5 years old. Superagent v10 is now available containing CVE fixes.
Installing this package results in two npm WARN deprecated messages, resulting in 7 low severity vulnerabilities.
Would an update to superagent@latest be possible?