upgrade superagent to v3.8.1 #115
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MaxPresman
approved these changes
Nov 27, 2017
|
@MaxPresman excuse me for being blunt, but it's about time Pubnub upgrades superagent. Superagent has a security vulnerability that was disclosed on August 6th, 2017. Pubnub was made aware of this vulnerability through my email to the support team, and through a badge on this repository. As of today (November 29th, 2017), a patched Pubnub version has not been released. Pubnub is a SAS company. There is no reason for a SAS application to introduce security vulnerability in its customer's code. If such vulnerability has been introduced, it should be fixed ASAP. The standard SLA for such cases is usually 24 hours, definitely not 4 months! |
MaxPresman
pushed a commit
that referenced
this pull request
Dec 5, 2017
* add missing flow types (#116) * upgrade superagent to v3.8.1 (#115) * Thomasconner add nativescript support (#117) * Add NativeScript support * Add tests for NativeScript * Replace React-Native with NativeScript in NativeScript tests * Fix support for nativescript * Add tasks for to gulpfile for nativescript * Create dist for nativescript * Update .gitignore for nativescript * Remove NativeScript dist bundle * Use NativeScript http module * Remove some Gulp tasks related to NativeScript * Update compiled modules * Update dist bundles * Replace all uses of uuid with lil-uuid * Fix error detection for NartiveScript network module * Check if abort is a function before calling it Some platforms don't return an object that contains an abort function to cancel network requests. This change checks if an abort function is available before calling it. * Update all the builds * add entry point to app with Native Script * resolve eslint issues * add operation delete to native script * remove multi-spaces * replace empty body for the function delete in Native Script * v4.19.0
MaxPresman
pushed a commit
that referenced
this pull request
Jan 5, 2018
* add missing flow types (#116) * upgrade superagent to v3.8.1 (#115) * Thomasconner add nativescript support (#117) * Add NativeScript support * Add tests for NativeScript * Replace React-Native with NativeScript in NativeScript tests * Fix support for nativescript * Add tasks for to gulpfile for nativescript * Create dist for nativescript * Update .gitignore for nativescript * Remove NativeScript dist bundle * Use NativeScript http module * Remove some Gulp tasks related to NativeScript * Update compiled modules * Update dist bundles * Replace all uses of uuid with lil-uuid * Fix error detection for NartiveScript network module * Check if abort is a function before calling it Some platforms don't return an object that contains an abort function to cancel network requests. This change checks if an abort function is available before calling it. * Update all the builds * add entry point to app with Native Script * resolve eslint issues * add operation delete to native script * remove multi-spaces * replace empty body for the function delete in Native Script * v4.19.0 * add method setProxy for Nodejs (#120) * set ssl to true for nodejs by default * Heartbeat configs (#119) * isHeartbeatOnAllSubscriptions * remove isHeartbeatOnAllSubscriptions from the config * start only the heartbeat loop with heartbeatChannels and heartbeatChannelGroup * post merge fixes * 4.20.0 * cleanup
MaxPresman
pushed a commit
that referenced
this pull request
Jan 11, 2018
* add missing flow types (#116) * upgrade superagent to v3.8.1 (#115) * Thomasconner add nativescript support (#117) * Add NativeScript support * Add tests for NativeScript * Replace React-Native with NativeScript in NativeScript tests * Fix support for nativescript * Add tasks for to gulpfile for nativescript * Create dist for nativescript * Update .gitignore for nativescript * Remove NativeScript dist bundle * Use NativeScript http module * Remove some Gulp tasks related to NativeScript * Update compiled modules * Update dist bundles * Replace all uses of uuid with lil-uuid * Fix error detection for NartiveScript network module * Check if abort is a function before calling it Some platforms don't return an object that contains an abort function to cancel network requests. This change checks if an abort function is available before calling it. * Update all the builds * add entry point to app with Native Script * resolve eslint issues * add operation delete to native script * remove multi-spaces * replace empty body for the function delete in Native Script * v4.19.0 * add method setProxy for Nodejs (#120) * set ssl to true for nodejs by default * Heartbeat configs (#119) * isHeartbeatOnAllSubscriptions * remove isHeartbeatOnAllSubscriptions from the config * start only the heartbeat loop with heartbeatChannels and heartbeatChannelGroup * post merge fixes * 4.20.0 * cleanup * update .pubnub.yml and changelog.md * fix yaml identity
madisonsmith
pushed a commit
that referenced
this pull request
Jan 29, 2018
* add missing flow types (#116) * upgrade superagent to v3.8.1 (#115) * Thomasconner add nativescript support (#117) * Add NativeScript support * Add tests for NativeScript * Replace React-Native with NativeScript in NativeScript tests * Fix support for nativescript * Add tasks for to gulpfile for nativescript * Create dist for nativescript * Update .gitignore for nativescript * Remove NativeScript dist bundle * Use NativeScript http module * Remove some Gulp tasks related to NativeScript * Update compiled modules * Update dist bundles * Replace all uses of uuid with lil-uuid * Fix error detection for NartiveScript network module * Check if abort is a function before calling it Some platforms don't return an object that contains an abort function to cancel network requests. This change checks if an abort function is available before calling it. * Update all the builds * add entry point to app with Native Script * resolve eslint issues * add operation delete to native script * remove multi-spaces * replace empty body for the function delete in Native Script * v4.19.0 * add method setProxy for Nodejs (#120) * set ssl to true for nodejs by default * Heartbeat configs (#119) * isHeartbeatOnAllSubscriptions * remove isHeartbeatOnAllSubscriptions from the config * start only the heartbeat loop with heartbeatChannels and heartbeatChannelGroup * post merge fixes * 4.20.0 * cleanup * update .pubnub.yml and changelog.md * fix yaml identity * allow set ssl for nodejs * v4.20.1
madisonsmith
pushed a commit
that referenced
this pull request
Mar 1, 2018
* add missing flow types (#116) * upgrade superagent to v3.8.1 (#115) * Thomasconner add nativescript support (#117) * Add NativeScript support * Add tests for NativeScript * Replace React-Native with NativeScript in NativeScript tests * Fix support for nativescript * Add tasks for to gulpfile for nativescript * Create dist for nativescript * Update .gitignore for nativescript * Remove NativeScript dist bundle * Use NativeScript http module * Remove some Gulp tasks related to NativeScript * Update compiled modules * Update dist bundles * Replace all uses of uuid with lil-uuid * Fix error detection for NartiveScript network module * Check if abort is a function before calling it Some platforms don't return an object that contains an abort function to cancel network requests. This change checks if an abort function is available before calling it. * Update all the builds * add entry point to app with Native Script * resolve eslint issues * add operation delete to native script * remove multi-spaces * replace empty body for the function delete in Native Script * v4.19.0 * add method setProxy for Nodejs (#120) * set ssl to true for nodejs by default * Heartbeat configs (#119) * isHeartbeatOnAllSubscriptions * remove isHeartbeatOnAllSubscriptions from the config * start only the heartbeat loop with heartbeatChannels and heartbeatChannelGroup * post merge fixes * 4.20.0 * cleanup * update .pubnub.yml and changelog.md * fix yaml identity * allow set ssl for nodejs * v4.20.1 * fix signature to delete message * v4.20.2 * sign v4.20.2 to distribution files
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.