Vulnerabilities in dependencies

[jkuek]

I'm using version 2.4.0, which seems to be the latest.

It has dependencies on System.Net.Http 4.3.0 and System.Text.RegularExpressions 4.3.0, both of which have vulnerabilities with high severity:
GHSA-cmhx-cq75-c4mj
GHSA-7jgj-8wvc-jh57

What are the chances of getting an updated package that addresses this?
Or is there an alternative package I could use?

[scale-tone]

Hey @jkuek , it's been a while since I last touched this codebase, that's for sure.
But let me just push an update for you...

[jkuek]

No pressure, I guess the bigger question is whether this library is still supported?

If necessary I could remove my dependency on it, but I won't if I can just update it

[scale-tone]

whether this library is still supported?

I'm happy to make patches/security fixes/package bump-ups, if folks see it as a value.
But let's be honest: hard to expect new features/major updates from me here.

For your particular issue I can try to bump it up to netstandard2.1 (that seems to resolve it, from what I can see from dependency graph in Visual Studio) and push an update. Should I?