From 9f023ca91e38c5c7caaa31bf5e4d8a6d2d42c069 Mon Sep 17 00:00:00 2001
From: Matthew Herbst
Date: Sun, 2 Dec 2018 22:06:19 -0800
Subject: [PATCH] Ensure `request` >= 2.83.0

Versions of `request` before 2.83.0 are susceptible to a ReDoS attack via it's dependency `tough-cookie`. Version 2.83.0 of `request` upgrades the version of `touch-cookie` to one that is no longer susceptible to the attack. Vulnerability advisory: https://www.npmjs.com/advisories/525 `request` CHANGELOG: https://github.com/request/request/blob/master/CHANGELOG.md#v2830-20170927
---
package.json | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package.json b/package.json
index 6d0eaa5..378216f 100644
--- a/package.json
+++ b/package.json
@@ -14,7 +14,7 @@
 "loggly"
 ],
 "dependencies": {
- "request": ">=2.76.0 <3.0.0",
+ "request": ">=2.83.0 <3.0.0",
 "moment": "^2.18.1",
 "json-stringify-safe": "5.0.x"
 },
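Review bot: The new floor on `request` in `dependencies` closes the advisory only for installs that re-resolve the dependency tree. The vulnerable code is in the transitive `tough-cookie`, which this manifest never names, so a consumer with an existing lockfile or shrinkwrap may keep the old copy. Whether this repository commits a lockfile is not visible in the patch; if it does, regenerate it in the same change and confirm the result with `npm ls tough-cookie` and `npm audit`. As a style point, the range could be written `"request": "^2.83.0"`, which resolves to the same set of versions and matches the caret form already used for `moment`.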