Migrate off nodemailer-sendgrid

Question

Migrate off nodemailer-sendgrid

YasharF opened this issue a year ago · 2 comments

The package is unmaintained and using a vulnerable dependency:

request  *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/node-quickbooks/node_modules/request
node_modules/request
  @sendgrid/client  <=6.5.5
  Depends on vulnerable versions of request
  node_modules/@sendgrid/client
    @sendgrid/mail  <=6.5.5
    Depends on vulnerable versions of @sendgrid/client
    node_modules/@sendgrid/mail
      nodemailer-sendgrid  *
      Depends on vulnerable versions of @sendgrid/mail
      node_modules/nodemailer-sendgrid

Answer 1 · 2023-07-15T11:05:05.000Z

The official library from SendGrid https://github.com/sendgrid/nodemailer-sendgrid-transport has also been deprecated and no longer supported by SendGrid.

Answer 2 · 2023-07-16T13:00:50.000Z

Fixed by 0c8048a