You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@helix.apache.org by "helix-bot (via GitHub)" <gi...@apache.org> on 2023/05/04 19:51:44 UTC

[GitHub] [helix] helix-bot commented on a diff in pull request #2475: remove proxy-agent to fix upstream vm2 vulnerability

helix-bot commented on code in PR #2475:
URL: https://github.com/apache/helix/pull/2475#discussion_r1185451974


##########
helix-front/server/app.ts:
##########
@@ -8,17 +8,9 @@ import http from 'http';
 import https from 'https';
 import session from 'express-session';
 import * as appInsights from 'applicationinsights';
-import ProxyAgent from 'proxy-agent';
-
-import {
-  APP_INSIGHTS_CONNECTION_STRING,
-  PROXY_URL,

Review Comment:
   @hivivo that sounds like a reasonable alternative approach. I'll close this PR in favor of https://github.com/apache/helix/pull/2479, which specifies the new version of vm2 in package.resolutions so that it will work for npm users of helix-front as well. Thanks for the review. 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@helix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@helix.apache.org
For additional commands, e-mail: reviews-help@helix.apache.org