search

2lambda123 / osrm-backend

BSD 2-Clause "Simplified" License
0 stars 0 forks source link

Bump the npm_and_yarn group across 1 directory with 9 updates #8

Open dependabot[bot] opened 5 months ago

dependabot[bot] commented 5 months ago

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package From To
@babel/traverse 7.18.13 7.24.7
browserify-sign 4.2.1 4.2.3
yargs-parser 4.2.1 5.0.1
documentation 4.0.0 14.0.3
minimist 0.0.5 1.2.8
faucet 0.0.1 0.0.4
tar 6.1.11 6.2.1

Updates @babel/traverse from 7.18.13 to 7.24.7

Release notes

Sourced from @​babel/traverse's releases.

v7.24.7 (2024-06-05)

:bug: Bug Fix

:house: Internal

  • babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

Committers: 7

v7.24.6 (2024-05-24)

Thanks @​amjed-98, @​blakewilson, @​coelhucas, and @​SukkaW for your first PRs!

:bug: Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
    • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
  • babel-parser, babel-plugin-transform-typescript

:house: Internal

  • babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers
  • babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-parser, babel-traverse
  • Other

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.24.7 (2024-06-05)

:bug: Bug Fix

:house: Internal

  • babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

v7.24.6 (2024-05-24)

:bug: Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
    • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
  • babel-parser, babel-plugin-transform-typescript

:house: Internal

  • babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers
  • babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-parser, babel-traverse
  • Other

v7.24.5 (2024-04-29)

:bug: Bug Fix

  • babel-plugin-transform-classes, babel-traverse
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

:nail_care: Polish

  • babel-parser

... (truncated)

Commits


Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d
Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates yargs-parser from 4.2.1 to 5.0.1

Changelog

Sourced from yargs-parser's changelog.

5.0.1 (2021-03-10)

Bug Fixes

  • security: address GHSA-p9pc-299p-vxgp (#362) (1c417bd)
Commits
  • eab6c03 chore: release 5.0.1 (#363)
  • 1c417bd fix(security): address GHSA-p9pc-299p-vxgp (#362)
  • e93a345 chore: mark release in commit history (#361)
  • ee15863 chore: push new package version
  • 4774207 fix: back-porting prototype fixes for really old version (#271)
  • 2c95ba9 chore(release): 5.0.0
  • 5755fa5 docs: use absolute path to yargs logo
  • 76cee1f fix: environment variables should take precedence over config file (#81)
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.


Updates documentation from 4.0.0 to 14.0.3

Release notes

Sourced from documentation's releases.

v14.0.0

chore(release): 14.0.0

v13.2.5

No release notes provided.

v13.2.4

No release notes provided.

v13.2.3

No release notes provided.

v6.2.0

Bug Fixes

  • get rid of shelljs dependency (630625d)

Features

  • doctrine: Support decorator syntax in examples (b309d39), closes #1016
  • inferTypes: Support class properties (22d8740), closes #1043

v6.1.0

Bug Fixes

  • lends with object property using literal key (#1035) (99ad49b)

Features

It's just like v5.5.0, except it requires Node 6!

And in doing so, updates the mime dependency and updates the version of node we target in Babel configuration, so... is probably slightly faster, in tiny ways.

Last release before requiring Node 6!

Bug Fixes

  • github links for @​typedef comments should link to comment, not context (#1024) (37a91b2)
  • Make documentation.js compatible with node 4.x for one more version (#1033) (5067ee0)

Features

  • Support --shallow argument for lint command. Closes #956 (#995) (64f660d)
  • Support the .mjs extension by default. (#1023) (b8a7e0d)
  • use reference links for Markdown output, improving brevity (ab494dd)
Changelog

Sourced from documentation's changelog.

14.0.3 (2024-01-30)

Bug Fixes

14.0.2 (2023-05-19)

Bug Fixes

14.0.1 (2022-12-14)

Improvements

  • chore: upgrade git-url-parse to 13.1.0 to fix vulnerabilities #1565
Commits


Updates minimist from 0.0.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates faucet from 0.0.1 to 0.0.4

Changelog

Sourced from faucet's changelog.

v0.0.4 - 2023-02-04

Commits

  • [Deps] update array.prototype.foreach, array.prototype.join, array.prototype.map, array.prototype.push, array.prototype.slice, string.prototype.split, string.prototype.split, tape 84d8f72
  • [actions] update checkout action 8e5332d
  • [Fix] downgrade tap-parser to v0.7.0 79c3ff2
  • [Dev Deps] update @ljharb/eslint-config, aud 42d4d86
  • [Deps] update defined, minimist 5ea8305

v0.0.3 - 2022-09-22

Commits

  • [Fix] use readable-stream to fix tests in node < 1 358d919
  • [Deps] update tap-parser fa1ee37
  • [Deps] update defined 43a11c4

v0.0.2 - 2022-09-22

Merged

Commits

  • [eslint] add npm run lint 4399c97
  • [meta] finish spaces -> tabs 8a62fc5
  • Trim too long assert messages to prevent line overflow f88d449
  • [actions] add reusable workflows 51df79a
  • [meta] add auto-changelog 7a01dd6
  • [Robustness] use string.prototype.trim, array.prototype.foreach, array.prototype.push edcea74
  • [meta] standardize license text 0d4aa82
  • [Robustness] revert non-array .push changes from edcea74 7694712
  • [Robustness] use array.prototype.join, array.prototype.map, string.prototype.split, array.prototype.slice 555e2f6
  • [meta] add sideEffects flag, funding, FUNDING.yml a653c28
  • [Robustness] use safe-regex-test 418c79e
  • [meta] use npmignore to autogenerate an npmignore file 5b18ec4
  • [Refactor] use npm-which to locate tape binary 0a9bd16
  • [Deps] update duplexer, sprintf, tap-parser 6a8765c
  • [Deps] update tape f3ca01e
  • Only apps should have lockfiles d4559ca
  • [Fix] make tests pass 90a49a2
  • [meta] add safe-publish-latest d5d2f41
  • [breaking] add "exports" 2f159b1
  • [Refactor] use non-depreacted sprintf-js successor instead of sprintf 1671ad5
  • [Deps] update minimist 0994d21
Commits
  • 6f06608 v0.0.4
  • 79c3ff2 [Fix] downgrade tap-parser to v0.7.0
  • 84d8f72 [Deps] update array.prototype.foreach, array.prototype.join, `array.proto...
  • 42d4d86 [Dev Deps] update @ljharb/eslint-config, aud
  • 5ea8305 [Deps] update defined, minimist
  • 8e5332d [actions] update checkout action
  • ec6db3a v0.0.3
  • fa1ee37 [Deps] update tap-parser
  • 43a11c4 [Deps] update defined
  • 358d919 [Fix] use readable-stream to fix tests in node < 1
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for faucet since your current version.


Updates parse-path from 3.0.4 to 7.0.0

Release notes

Sourced from parse-path's releases.

7.0.0

Add the parse_failed property — whether the input was parsed successfully or not.

6.0.0

parse-path 6.0.0

Breaking changes

  • The resource property will not contain the port anymore. Added the host property which has the port too.

5.0.0

parse-path 5.0.0

:star: This is a major release of parse-path! :star:

Breaking changes

  • parse-path will not parse git@... ssh URLs anymore. Use parse-url for that.
  • If the input url has a trailing slash, the trailing slash will be added in the pathname too.
  • The port field is a string. By default empty.
  • Added the password field (default: "")
  • The resource may contain the port in it (e.g. resource: "domain.com:4200").

Features

  • Faster
  • More secure
  • Cleaner codebase

Any questions, suggestions, contributions are always welcome! :blush:

4.0.4

Remove the new line characters.

4.0.3

Handle backslash in the input and use query-string, so the module is supported in the browser

4.0.2

Update docs and licence year. :rocket:

4.0.1

Happy New Year! :tada: :rocket:

This pull request is going to update the documentation of this project and add the Buy me a coffee cookies and tea button:

If this project helped you, tea and cookies is perhaps something I would really enjoy. :)

4.0.0

... (truncated)

Commits


Updates parse-url from 3.0.2 to 8.1.0

Release notes

Sourced from parse-url's releases.

8.1.0

parse-url@8.1.0

  • fix: cjs to load normalize-url /cc #58
  • fix: Include index.d.ts in package.json /cc #63
  • feat: support custom SSH username /cc #60
  • feat: improve regex pattern /cc #59

Thanks to @​privatenumber and @​briancoit for their contributions! :cake:

8.0.0

parse-url 8.0.0

Breaking Changes

  • The resource property will not contain the port, but the host one will.
  • Throw an error if the input is invalid. Hence, file paths like /home/path/to/dir will only be valid if the file:// protocol is added (file://home/path/to/dir)
  • Throw an error if the input length exceeds the maximum length (parse.MAX_URL_LENGTH), by default 2048.

Fixes

Other changes

7.0.2

Add the url in the error object, fixes #14

7.0.1

:memo: docs

7.0.0

parse-url 7.0.0

:star: This is a major release of parse-url! :star:

Breaking changes

  • If the input url has a trailing slash, the trailing slash will be added in the pathname too.
  • The port field is a string. By default empty.
  • Added the password field (default: "")
  • The resource may contain the port in it (e.g. resource: "domain.com:4200").

Features

  • Faster
  • More secure
  • Cleaner codebase

6.0.0

... (truncated)

Commits
  • 4412976 Updated docs
  • ac17353 Merge branch 'patch-1' of github.com:briancoit/parse-url into new-version
  • 778a0a5 Merge branch 'support-custom-user' of github.com:privatenumber/parse-url into...
  • 0baab4f Merge branch 'improve-regex' of github.com:privatenumber/parse-url into new-v...
  • d1a4395 Merge branch 'fix-cjs' of github.com:privatenumber/parse-url into new-version
  • 9cacf38 :arrow_up: 8.1.0 :tada:
  • 9a78bd8 Merge pull request #61 from privatenumber/move-funding-yml
  • 1883136 Include index.d.ts in package
  • 92f899b chore: move FUNDING.yml out of workflows
  • 9500430 feat: support custom user in ssh url
  • Additional commits viewable in compare view


Updates tar from 6.1.11 to 6.2.1

Release notes

Sourced from tar's releases.

v6.1.13

6.1.13 (2022-12-07)

Dependencies

v6.1.12

6.1.12 (2022-10-31)

Bug Fixes

Documentation

Changelog

Sourced from tar's changelog.

Changelog

7.2

  • DRY the command definitions into a single makeCommand method, and update the type signatures to more appropriately infer the return type from the options and arguments provided.

7.1

  • Update minipass to v7.1.0
  • Update the type definitions of write() and end() methods on Unpack and Parser classes to be compatible with the NodeJS.WritableStream type in the latest versions of @types/node.

7.0

  • Rewrite in TypeScript, provide ESM and CommonJS hybrid interface
  • Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.
  • Add chmod option that defaults to false, and deprecate noChm... _Description has been truncated_
performance-testing-bot[bot] commented 5 months ago

Unable to locate .performanceTestingBot config file

cr-gpt[bot] commented 5 months ago

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

code-companion-ai[bot] commented 5 months ago

Processing PR updates...

git-greetings[bot] commented 5 months ago

Thanks @dependabot[bot] for opening this PR!

For COLLABORATOR only :

  • To add labels, comment on the issue /label add label1,label2,label3

  • To remove labels, comment on the issue /label remove label1,label2,label3

codesyncapp[bot] commented 5 months ago

Check out the playback for this Pull Request here.

coderabbitai[bot] commented 5 months ago

[!IMPORTANT]

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share - [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)
Tips ### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.
git-greetings[bot] commented 5 months ago
PR Details of @dependabot[bot] in osrm-backend : OPEN CLOSED TOTAL
2 5 7
socket-security[bot] commented 5 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/documentation@14.0.3 filesystem, unsafe Transitive: environment, eval +122 22.7 MB tmcw
npm/faucet@0.0.4 Transitive: environment, eval, filesystem +76 4.48 MB ljharb

🚮 Removed packages: npm/documentation@4.0.0, npm/faucet@0.0.1

View full report↗︎

guardrails[bot] commented 5 months ago

:warning: We detected 2 security issues in this pull request:

Vulnerable Libraries (2)
Severity | Details :-: | :-- High | [pkg:npm/documentation@14.0.3](https://github.com/2lambda123/osrm-backend/blob/d652912e99355d0a67a0400e7812e3a7d6542a78/package.json#L54) upgrade to: *> 14.0.3* Informational | [pkg:npm/cucumber@1.3.3](https://github.com/2lambda123/osrm-backend/blob/d652912e99355d0a67a0400e7812e3a7d6542a78/package.json) (t) upgrade to: *> 1.3.3* More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

secure-code-warrior-for-github[bot] commented 5 months ago

Micro-Learning Topic: Vulnerable library (Detected by phrase)

Matched on "Vulnerable Libraries"

What is this? (2min video)

Use of vulnerable components will introduce weaknesses into the application. Components with published vulnerabilities will allow easy exploitation as resources will often be available to automate the process.

Try a challenge in Secure Code Warrior