search

BestGamersH / Multipurpose-Discord-Bot

The bot that has everything! - Leveling • Music • Memes • Moderation • nsfw • Logging • Tickets • Reaction Roles • Fun • Anime • Applications • Much More
MIT License
114 stars 42 forks source link

[Snyk] Upgrade xml2js from 0.5.0 to 0.6.2 #34

Closed BestGamersH closed 1 year ago

BestGamersH commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade xml2js from 0.5.0 to 0.6.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **3 versions** ahead of your current version. - The recommended version was released **3 months ago**, on 2023-07-26.
Release notes
Package name: xml2js
  • 0.6.2 - 2023-07-26

    New release, 0.6.2

      </li>
  <li>
    <b>0.6.1</b> - <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases/tag/0.6.1">2023-07-25</a></br><p>Update version number for release 0.6.1</p>
  </li>
  <li>
    <b>0.6.0</b> - <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases/tag/0.6.0">2023-05-25</a></br><p>Release new version</p>
  </li>
  <li>
    <b>0.5.0</b> - <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases/tag/0.5.0">2023-04-09</a></br><p>Update package.json with latest PR</p>
  </li>
</ul>
from <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases">xml2js GitHub release notes</a>

Commit messages
Package name: xml2js
  • cf3e061 New release, 0.6.2
  • cb2f77e Fix read-only constraint via mistyped key name
  • 8e9a120 Update version number for release 0.6.1
  • 30f9d61 Replace filtering of names with `defineProperty`
  • ba46e54 Update package lock
  • 0e29f0e Release new version
  • a25035c Remove old unused files
  • 1de4688 Merge pull request #680 from Leonidas-from-XIV/zap-dependency-fix
  • 3b97ae5 Merge pull request #681 from Leonidas-from-XIV/cve-compat-fix
  • 167a385 Fix zap to be the original dependency
  • 5f6620f Compile changed coffeescript code
  • 044cfe5 Undo API changes from #603
  • 7292aa9 fix: include missed key check
  • 4c8ec89 fix: revert incorrectly adapted code
  • ad3a297 refactor: extract function for key check
  • d486007 fix: explicitly ignore vulnerable properties
  • 246252a chore: revert previous CVE fix
  • b856cb8 Add upper bound for coffeescript (for now)
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs