search

MailOnline / transpile-middleware

Connect/Express middleware to do a minimal transpilation to meet the requirements of a browser.
2 stars 0 forks source link

[Snyk] Upgrade resolve from 1.4.0 to 1.12.2 #3

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to upgrade resolve from 1.4.0 to 1.12.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue
Prototype Pollution
SNYK-JS-LODASH-450202
Prototype Pollution
SNYK-JS-LODASH-73638
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-73639
Prototype Pollution
npm:lodash:20180130
Regular Expression Denial of Service (ReDoS)
npm:debug:20170905
Release notes
  • Package name: resolve
    • 1.12.2 - 2019-11-22
      • [Fix] sync/async: pass a dir into maybeUnwrapSymlink
    • 1.12.1 - 2019-11-22
      • [Fix] sync: packageFilter: when preserveSymlinks is false, realpath the pkgfile option (#201)
      • [Docs] fix CI status badge (#200)
      • [meta] add funding field
      • [Dev Deps] update eslint, @ljharb/eslint-config, safe-publish-latest
      • [Tests] use shared travis-ci configs
    • 1.12.0 - 2019-08-01
      • [New] core: add _debug_agent core module, in node 1 through 7
      • [Fix] preserveSymlinks: false ensure that files are realpathed (#197, #195)
      • [Refactor] make maybeUnwrapSymlink
      • [Meta] clean up license so github can detect it
      • [Dev Deps] update tape
      • [Tests] fix symlinks in windows/appveyor
      • [Tests] up to node v12.7, v10.16, v8.16
      • [Tests] gitignore file created in tests; remove it in test setup
    • 1.11.1 - 2019-06-03
      • [Fix] node-modules-paths: correctly resolve paths that are on Windows networked drives (#156)
      • [Fix] Make behavior consistent with require.resolve() for "shadowed" core modules (#148)
    • 1.11.0 - 2019-05-15
      • [New] Add isDirectory; use to speed up node_modules lookups (#192, #191, #190)
      • [Tests] up to node v12.2, v11.15, v6.17
    • 1.10.1 - 2019-04-24

      v1.10.1

    • 1.10.0 - 2019-01-21
      • [New] core: add worker_threads in v11.7+
      • [Fix] sync/async: when package.json main is not a string, throw an error (#178)
      • [Fix] TypeError: Path must be a string. Received undefined (#181)
      • [Tests] up to v11.6, v10.15, v8.15, v6.16
      • [Dev Deps] update eslint, @ljharb/eslint-config, tape
    • 1.9.0 - 2018-12-17
      • [New] async/sync/node-modules-paths: Adds support for “paths” being a function (#172, #173)
      • [New] Implements a "normalize-options" pseudo-hook (#174)
      • [Fix] sync/async: fix preserveSymlinks option (#177)
      • [Fix] sync/async: when package.json main is not a string, throw an error (#178)
      • [Deps] update path-parse
      • [Dev Deps] update eslint, @ljharb/eslint-config, object-keys, safe-publish-latest, tape
      • [Tests] up to node v11.4, v10.14, v8.14, v6.15
      • [Tests] better failure messages
    • 1.8.1 - 2018-06-17
      • [Fix] resolution when filename option is passed (#167, #162)
      • [Docs] clean up readme code
      • [Tests] improve output of symlink tests that fail on Mac
      • [Tests] up to node v10.4
    • 1.8.0 - 2018-06-15
      • [New] include filename in error message (#162)
      • [New] core: add trace_events, v8/tools/arguments
      • [New] add fs/promises to the list of core modules
      • [Fix] core: _tls_legacy is removed in node 10
      • [Tests] up to node v10.1, v9.11, v8.11, v6.14, 4.9
    • 1.7.1 - 2018-04-12
    • 1.7.0 - 2018-04-07
    • 1.6.0 - 2018-03-20
    • 1.5.0 - 2017-10-25
    • 1.4.0 - 2017-07-26
    • from resolve GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs