[Snyk] Upgrade request from 2.36.0 to 2.88.2

[snyk-bot]

Snyk has created this PR to upgrade request from 2.36.0 to 2.88.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 53 versions ahead of your current version.
• The recommended version was released 3 years ago, on 2020-02-11.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Poisoning SNYK-JS-QS-3153490	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) npm:qs:20140806	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Override Protection Bypass npm:qs:20170213	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Denial of Service (DoS) npm:qs:20140806-1	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Pollution npm:hoek:20180212	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Timing Attack npm:http-signature:20150122	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Remote Memory Exposure npm:request:20160119	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Uninitialized Memory Exposure npm:tunnel-agent:20170305	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:hawk:20160119	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: request

• 2.88.2 - 2020-02-11
• 2.88.0 - 2018-08-10
  

  2.88.0

• 2.87.0 - 2018-05-21
  

  2.87.0

• 2.86.0 - 2018-05-15
  

  2.86.0

• 2.85.0 - 2018-03-12
  

  2.85.0

• 2.84.0 - 2018-03-12
  

  2.84.0

• 2.83.0 - 2017-09-27
• 2.82.0 - 2017-09-19
• 2.81.0 - 2017-03-09
• 2.80.0 - 2017-03-04
• 2.79.0 - 2016-11-18
• 2.78.0 - 2016-11-03
• 2.77.0 - 2016-11-03
• 2.76.0 - 2016-10-25
• 2.75.0 - 2016-09-17
• 2.74.0 - 2016-07-22
• 2.73.0 - 2016-07-09
• 2.72.0 - 2016-04-17
• 2.71.0 - 2016-04-12
• 2.70.0 - 2016-04-05
• 2.69.0 - 2016-01-27
• 2.68.0 - 2016-01-27
• 2.67.0 - 2015-11-19
• 2.66.0 - 2015-11-18
• 2.65.0 - 2015-10-11
• 2.64.0 - 2015-09-25
• 2.63.0 - 2015-09-21
• 2.62.0 - 2015-09-15
• 2.61.0 - 2015-08-19
• 2.60.0 - 2015-07-21
• 2.59.0 - 2015-07-20
• 2.58.0 - 2015-06-16
• 2.57.0 - 2015-05-31
• 2.56.0 - 2015-05-28
• 2.55.0 - 2015-04-05
• 2.54.0 - 2015-03-24
• 2.53.0 - 2015-02-02
• 2.52.0 - 2015-02-02
• 2.51.0 - 2014-12-10
• 2.50.0 - 2014-12-09
• 2.49.0 - 2014-11-28
• 2.48.0 - 2014-11-12
• 2.47.0 - 2014-10-26
• 2.46.0 - 2014-10-23
• 2.45.0 - 2014-10-06
• 2.44.0 - 2014-09-18
• 2.43.0 - 2014-09-18
• 2.42.0 - 2014-09-04
• 2.41.0 - 2014-09-04
• 2.40.0 - 2014-08-06
• 2.39.0 - 2014-07-24
• 2.38.0 - 2014-07-22
• 2.37.0 - 2014-07-07
• 2.36.0 - 2014-05-19

from request GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs