DPr00f / steam-api-node

Steam Web Api Integration
MIT License
33 stars 16 forks source link

[Snyk] Security upgrade merge from 1.2.1 to 2.1.0 #22

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5
Prototype Pollution
SNYK-JS-MERGE-1040469
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: merge The new version differs by 25 commits.
  • 8686d85 build: bump version
  • 80151be build
  • 0acaaf3 build: update dev dependencies
  • f571887 Merge pull request #38 from 418sec/master
  • 869927f Merge pull request #1 from alromh87/master
  • c2f8454 Fix Prototype Pollution
  • bf8b1ff build: include typings
  • ece8885 Merge pull request #32 from yeikos/develop
  • 43ffa43 build: include only needed files
  • 7bf0fc8 fix: export default function (typings)
  • 159e724 build: bump version
  • 21f4105 fix: default typings
  • 36d4b9c build: new npm scripts
  • eabfd6f build: CommonJS support
  • bf85170 test: add merge script
  • 75ba781 build: add editor config
  • 2d2b54a build: update ignored files
  • b36036a docs: remove license copyright
  • 1385593 build: update main script and description
  • 2b22e6b docs: update readme
  • 7cc6574 build: package-lock.json
  • 29e46a8 build: ts and webpack config
  • da8d5a9 build: compiled sources
  • f3e2133 refactor: from js to ts
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic