search

Leko / IDDFS

iterative deepening depth-first search (IDDFS) for JavaScript
MIT License
2 stars 0 forks source link

[Snyk] Fix for 1 vulnerabilities #137

Open Leko opened 11 months ago

Leko commented 11 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **661/1000**
**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: eslint The new version differs by 250 commits.
  • a7985a6 6.0.0
  • be74dd9 Build: changelog update for 6.0.0
  • 81aa06b Upgrade: espree@6.0.0 (#11869)
  • 5f022bc Fix: no-else-return autofix produces name collisions (fixes #11069) (#11867)
  • ded9548 Fix: multiline-comment-style incorrect message (#11864)
  • cad074d Docs: Add JSHint W047 compat to no-floating-decimal (#11861)
  • 41f6304 Upgrade: sinon (#11855)
  • 167ce87 Chore: remove unuseable profile command (#11854)
  • c844c6f Fix: max-len properly ignore trailing comments (fixes #11838) (#11841)
  • 1b5661a Fix: no-var should not fix variables named 'let' (fixes #11830) (#11832)
  • 4d75956 Build: CI with Azure Pipelines (#11845)
  • 1db3462 Chore: rm superfluous argument & fix perf-multifiles-targets (#11834)
  • c57a4a4 Upgrade: @ babel/polyfill => core-js v3 (#11833)
  • 65faa04 Docs: Clarify prefer-destructuring array/object difference (fixes #9970) (#11851)
  • 81c3823 Fix: require-atomic-updates reports parameters (fixes #11723) (#11774)
  • aef8ea1 Sponsors: Sync README with website
  • 4f48f5a 6.0.0-rc.0
  • 6bad650 Build: changelog update for 6.0.0-rc.0
  • f403b07 Update: introduce minKeys option to sort-keys rule (fixes #11624) (#11625)
  • 87451f4 Fix: no-octal should report NonOctalDecimalIntegerLiteral (fixes #11794) (#11805)
  • e4ab053 Update: support "bigint" in valid-typeof rule (#11802)
  • e0fafc8 Chore: removes unnecessary assignment in loop (#11780)
  • 20908a3 Docs: removed '>' prefix from from docs/working-with-rules (#11818)
  • 1c43eef Sponsors: Sync README with website
See the full diff
Package name: nyc The new version differs by 166 commits.
  • bebf4d6 chore(release): 15.0.0
  • 2931730 chore: Update to final releases of dependencies (#1245)
  • d44ff19 chore: Update node-preload and use process-on-spawn (#1243)
  • 5258e9f feat: Filenames relative to project cwd in coverage reports (#1212)
  • 6039f29 chore: Unpin test-exclude, update to latest pre-releases (#1240)
  • f3c9e6c chore: Temporarily pin test-exclude (#1239)
  • 28ed746 chore: Lazy load modules that are rarely/never needed in test processes. (#1232)
  • 7307626 chore: Remove cp-file module (#1230)
  • dfd629d fix: Better error handling for main execution, reporting (#1229)
  • 549c953 chore: Update dependencies, pin find-cache-dir (#1228)
  • a1dee03 chore: Update yargs (#1224)
  • 8078a79 chore: Fix 404 in README.md. (#1220)
  • 7a02cb7 chore: Add enterprise language (#1217)
  • ea94c7f chore: Remove unused functions (#1218)
  • 53c66b9 docs: `npm home nyc` goes to github master branch README (#1201)
  • cf5e5d3 chore: Update dependencies
  • 8411a26 fix: Correct handling of source-maps for pre-instrumented files (#1216)
  • f890360 docs: Fix URL to default excludes in README.md (#1214)
  • 3726bbb chore: Update to async version of istanbul-lib-source-maps (#1199)
  • 0efc6d1 chore: Tweak arguments for async coverage data readers (#1198)
  • cc77e13 chore: Add `use strict` to all except fixtures (#1197)
  • bcbe1df chore: Update dependencies (#1196)
  • 2735ee2 chore: 100% coverage (#1195)
  • fd40d49 feat: Use @ istanbuljs/schema for yargs setup (#1194)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/leko/project/2f5ec0ea-475a-4509-9c0b-7b1bc17b94c1?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/leko/project/2f5ec0ea-475a-4509-9c0b-7b1bc17b94c1?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"011d7a9c-afd9-45d7-a272-aaf7d155af8d","prPublicId":"011d7a9c-afd9-45d7-a272-aaf7d155af8d","dependencies":[{"name":"eslint","from":"5.11.1","to":"6.0.0"},{"name":"nyc","from":"12.0.2","to":"15.0.0"}],"packageManager":"npm","projectPublicId":"2f5ec0ea-475a-4509-9c0b-7b1bc17b94c1","projectUrl":"https://app.snyk.io/org/leko/project/2f5ec0ea-475a-4509-9c0b-7b1bc17b94c1?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-INFLIGHT-6095116"],"upgrade":["SNYK-JS-INFLIGHT-6095116"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[661],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr)