HaloSPV3 / HCE

HCE & SPV3 projects by Miris 'n' Crew.
https://source.n2.network/hce/
14 stars 0 forks source link

[Snyk] Security upgrade semantic-release from 18.0.0 to 19.0.0 #266

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 658/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-2342073
Yes Proof of Concept
medium severity 658/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-2342082
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: semantic-release The new version differs by 41 commits.
  • 95af1e4 Merge pull request #2332 from semantic-release/beta
  • f634b8c fix(npm-plugin): upgraded to the beta, which upgrades npm to v8
  • d9e5bc0 fix: upgrade `marked` to resolve ReDos vulnerability (#2330)
  • dd7d664 docs: fix a broken link (#2318)
  • cd6136d docs: wrong prerelease example (#2307)
  • e62c83d docs: remove repeated 'with' word (#2289)
  • 5d78fa4 docs(breaking-change): highlighted the need for `BREAKING CHANGE: ` to be in the commit footer (#2283)
  • b64855f docs(badge): mentioned referencing the commit convention (#2269)
  • 09bcf7a docs: update badges to include preset names (#2266)
  • 8e96b23 docs(issue-templates): fixed links to templates for opening issues (#2264)
  • 5535268 docs: fix typo (#2262)
  • 7f971f3 fix: bump @ semantic-release/commit-analyzer to 9.0.2 (#2258)
  • e636621 docs(troubleshooting): typo (#2254)
  • f2a2def docs(recipes): fix path to recipes (#2253)
  • 628e29e chore(deps): update dependency got to v11.8.3 (#2251)
  • 8fda7fd docs(recipes): moved recipes to sub-directories to align with gitbook expectations (#2246)
  • 52d76a2 docs(plugin-list): updates semantic-release-plus/docker with updated lifecycle hook. (#2243)
  • f092dd1 chore(deps): update dependency nock to v13.2.1 (#2242)
  • 03aa7d0 docs(badge): switched to proper semantic-release logo (#2235)
  • bc146e4 docs(gitbook): updated the summary document so that missing pages are rendered by gitbook (#2234)
  • 5f9d1d1 chore(deps): update dependency nock to v13.2.0 (#2233)
  • 7ff71ad chore(deps): update dependency sinon to v12.0.1 (#2231)
  • d3958b8 Revert "chore(deps): update dependency p-retry to v5" (#2230)
  • 4ae9209 chore(deps): update dependency p-retry to v5 (#2229)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

codeclimate[bot] commented 2 years ago

Code Climate has analyzed commit 5de29260 and detected 0 issues on this pull request.

View more on Code Climate.