RCE vulnerability in `pac-resolver`
epfremmer opened this issue · 1 comment
I recently ran into a request to address a security vulnerability related to `pac-resolver@4.2.0`, which is being used by my application through `ember-cli-deploy-s3@3.0.0 › proxy-agent@4.0.1 › pac-proxy-agent@4.1.0 › pac-resolver@4.2.0`.
Related vulnerability: https://arstechnica.com/information-technology/2021/09/npm-package-with-3-million-weekly-downloads-had-a-severe-vulnerability/?amp=1
It looks like `proxy-agent@5.0.0` is using the latest version of `pac-proxy-agent@5.0.0`, which resolves the problem.
Would it be possible to get an update to `ember-cli-deploy-s3` to bump `proxy-agent` to the latest version?
FYI this was resolved with version 3.1.0. The issue is no longer reported in our security scans after upgrading.
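
Added example, not part of the issue thread or of any project named in it: a small walker that finds every chain leading to a flagged transitive package and names the direct dependency to bump. It assumes a tree shaped like the nested `dependencies` object that `npm ls --all --json` prints; the root `my-app`, the package `some-other-dep` and all function names are hypothetical, and the sample tree is constructed from the chain quoted in the issue.

```javascript
// Constructed sample: the nested "dependencies" shape of `npm ls --all --json`,
// filled with the chain quoted in the issue. "my-app" and "some-other-dep" are hypothetical.
const SAMPLE_TREE = {
  name: "my-app",
  version: "1.0.0",
  dependencies: {
    "ember-cli-deploy-s3": {
      version: "3.0.0",
      dependencies: {
        "proxy-agent": {
          version: "4.0.1",
          dependencies: {
            "pac-proxy-agent": {
              version: "4.1.0",
              dependencies: { "pac-resolver": { version: "4.2.0" } },
            },
          },
        },
      },
    },
    "some-other-dep": { version: "2.0.0" },
  },
};

// Return every chain from the root down to `target`, as arrays of "name@version".
function findChains(node, target, trail = []) {
  const chains = [];
  for (const [name, dep] of Object.entries(node.dependencies || {})) {
    const here = [...trail, `${name}@${dep.version}`];
    if (name === target) chains.push(here);
    chains.push(...findChains(dep, target, here)); // keep descending: nested copies count too
  }
  return chains;
}

// Keep only the chains that end in a version the scanner flagged.
function flaggedChains(tree, target, flaggedVersions) {
  return findChains(tree, target).filter((chain) =>
    flaggedVersions.includes(chain[chain.length - 1].split("@").pop())
  );
}

// The direct dependencies that need a bump: first hop of each flagged chain, deduplicated.
function directDepsToBump(tree, target, flaggedVersions) {
  return [...new Set(flaggedChains(tree, target, flaggedVersions).map((c) => c[0]))];
}

console.log(directDepsToBump(SAMPLE_TREE, "pac-resolver", ["4.2.0"]));
```

To run it against a real project, replace `SAMPLE_TREE` with the parsed output of `npm ls --all --json` and pass the versions your scanner reports.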