Hey, I just saw this package is using a really outdated version of `superagent` which has a peer dependency to `form-data` with a CVE 9.x https://github.com/Asana/node-asana/blob/master/package.json#L20 ``` $ yarn why form-data └─ superagent@npm:5.3.1 └─ form-data@npm:3.0.2 (via npm:^3.0.0) ``` https://nvd.nist.gov/vuln/detail/CVE-2025-7783
Hey, I just saw this package is using a really outdated version of
superagentwhich has a peer dependency toform-datawith a CVE 9.xhttps://github.com/Asana/node-asana/blob/master/package.json#L20
https://nvd.nist.gov/vuln/detail/CVE-2025-7783