Open Coteh opened 6 days ago
New and removed dependencies detected. Learn more about Socket for GitHub โ๏ธ
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/body-parser@1.20.3 | network Transitive: environment, eval, filesystem, unsafe | +30 |
1.24 MB | ulisesgascon |
npm/express-session@1.18.1 | environment Transitive: filesystem, network | +6 |
190 kB | ulisesgascon |
npm/express@4.21.1 | Transitive: environment, eval, filesystem, network, unsafe | +49 |
1.34 MB | blakeembrey, dougwilson, linusu, ...4 more |
๐ฎ Removed packages: npm/body-parser@1.20.2, npm/express-session@1.17.3, npm/express@4.18.2
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 82.89%. Comparing base (
879342e
) to head (e89ff5b
).
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 6.3
SNYK-JS-COOKIE-8163060
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: express
The new version differs by 112 commits.Package name: express-session
The new version differs by 47 commits.Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: ๐ง View latest project report
๐ Adjust project settings
๐ Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
๐ฆ Cross-site Scripting (XSS)