Issue with request package and CVE

[Yasholma]

Have you read our Code of Conduct? By filing an Issue, you are expected to comply with it, including treating everyone with respect.

Description

I have found out there is a vulnerability issue with one of your packages
"request": "~2.88.2", this package however is out of date and no new updated will be done on it as stated here: request/request#3455, please can you consider to review this package and if possible replace it from your end ?

[orimdominic]

Hello @Yasholma Thanks for this!
It is not a good move to report security vulnerabilities via GitHub issues.
The proper way is to send a mail.
Why? This issue is public. Hackers can see it and take advantage of it.

Cheers!

[bytes-of-tsena]

this issue's still not fixed yet. more vulnerabilities have creeped in since then. They're 4 in number.

The flutterwave maintainers should consider using one of these alternatives

reason: the maintainers of request won't maintain it anymore as stated here

[winterrdog]

if you're paranoid, you can use this instead 🤝