This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- electron/package.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **589/1000** **Why?** Has a fix available, CVSS 7.5 | Directory Traversal [SNYK-JS-MOMENT-2440688](https://snyk.io/vuln/SNYK-JS-MOMENT-2440688) | No | No Known Exploit
 | **696/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) [SNYK-JS-MOMENT-2944238](https://snyk.io/vuln/SNYK-JS-MOMENT-2944238) | No | Proof of Concept
 | **696/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Prototype Pollution [SNYK-JS-OBJECTION-1582910](https://snyk.io/vuln/SNYK-JS-OBJECTION-1582910) | Yes | Proof of Concept
 | **696/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Denial of Service (DoS) [SNYK-JS-SQLITE3-2388645](https://snyk.io/vuln/SNYK-JS-SQLITE3-2388645) | No | Proof of Concept
 | **641/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 6.4 | Access Restriction Bypass [SNYK-JS-URLPARSE-2401205](https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205) | No | Proof of Concept
 | **641/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 6.4 | Authorization Bypass [SNYK-JS-URLPARSE-2407759](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759) | No | Proof of Concept
 | **726/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Improper Input Validation [SNYK-JS-URLPARSE-2407770](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770) | No | Proof of Concept
 | **631/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 6.2 | Authorization Bypass Through User-Controlled Key [SNYK-JS-URLPARSE-2412697](https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697) | No | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: objection
The new version differs by 47 commits.
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/maygo/project/e3e83011-d767-4830-9ca8-299c9f55c630?utm_source=github&utm_medium=referral&page=fix-pr)
🛠 [Adjust project settings](https://app.snyk.io/org/maygo/project/e3e83011-d767-4830-9ca8-299c9f55c630?utm_source=github&utm_medium=referral&page=fix-pr/settings)
📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"366f1301-9650-43c5-8539-8b5677463339","prPublicId":"366f1301-9650-43c5-8539-8b5677463339","dependencies":[{"name":"moment","from":"2.29.1","to":"2.29.4"},{"name":"objection","from":"2.2.18","to":"3.0.0"},{"name":"sqlite3","from":"5.0.2","to":"5.0.3"},{"name":"url-parse","from":"1.5.4","to":"1.5.9"}],"packageManager":"npm","projectPublicId":"e3e83011-d767-4830-9ca8-299c9f55c630","projectUrl":"https://app.snyk.io/org/maygo/project/e3e83011-d767-4830-9ca8-299c9f55c630?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-URLPARSE-2412697","SNYK-JS-URLPARSE-2407770","SNYK-JS-URLPARSE-2407759","SNYK-JS-URLPARSE-2401205","SNYK-JS-SQLITE3-2388645","SNYK-JS-OBJECTION-1582910","SNYK-JS-MOMENT-2944238","SNYK-JS-MOMENT-2440688"],"upgrade":["SNYK-JS-MOMENT-2440688","SNYK-JS-MOMENT-2944238","SNYK-JS-OBJECTION-1582910","SNYK-JS-SQLITE3-2388645","SNYK-JS-URLPARSE-2401205","SNYK-JS-URLPARSE-2407759","SNYK-JS-URLPARSE-2407770","SNYK-JS-URLPARSE-2412697"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[631,726,641,641,696,696,696,589]})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
🦉 [Denial of Service (DoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)
🦉 [Prototype Pollution](https://learn.snyk.io/lessons/prototype-pollution/javascript/?loc=fix-pr)
🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)
🦉 [More lessons are available in Snyk Learn](https://learn.snyk.io?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - electron/package.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **589/1000****Why?** Has a fix available, CVSS 7.5 | Directory Traversal
[SNYK-JS-MOMENT-2440688](https://snyk.io/vuln/SNYK-JS-MOMENT-2440688) | No | No Known Exploit  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-MOMENT-2944238](https://snyk.io/vuln/SNYK-JS-MOMENT-2944238) | No | Proof of Concept  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Prototype Pollution
[SNYK-JS-OBJECTION-1582910](https://snyk.io/vuln/SNYK-JS-OBJECTION-1582910) | Yes | Proof of Concept  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Denial of Service (DoS)
[SNYK-JS-SQLITE3-2388645](https://snyk.io/vuln/SNYK-JS-SQLITE3-2388645) | No | Proof of Concept  | **641/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.4 | Access Restriction Bypass
[SNYK-JS-URLPARSE-2401205](https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205) | No | Proof of Concept  | **641/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.4 | Authorization Bypass
[SNYK-JS-URLPARSE-2407759](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759) | No | Proof of Concept  | **726/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Improper Input Validation
[SNYK-JS-URLPARSE-2407770](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770) | No | Proof of Concept  | **631/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.2 | Authorization Bypass Through User-Controlled Key
[SNYK-JS-URLPARSE-2412697](https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697) | No | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: objection
The new version differs by 47 commits.- f5ad7b9 v3.0.0
- 8d018f4 add 3.0 migration guide
- 2dda083 update examples to use objection 3
- 4c80295 make new test work with mysql
- 139c594 make eslint support esnext typescript target
- 5de9e2a Support esnext typescript target on latest typescript versions
- a06f9e6 Update find-methods.md
- 9a66f21 Fix a bug with typescript 4 and allowGraph
- 0ececc7 rename stuff from eager to withGraph in tests
- cef73c4 cleanup
- d8ca98a closes #2024
- 5ddccc4 add typing tests to the main test command
- f626133 rename test commands
- 4933649 support latest knex
- 8f44dd5 update deps
- 7116382 fix tests
- 90350f4 fixes #1997
- e51974d closes #1905
- eedbad0 closes #1936
- 707e561 run prettier
- aef27c1 add package lock
- 23ce2af remove deprecated methods
- 7c8a282 remove unused stuff
- 8f9a148 v3.0.0-alpha.6
See the full diffPackage name: sqlite3
The new version differs by 44 commits.- 573784b v5.0.3
- e5a24fd Deleted `examples/` folder
- b05f459 Added note about GitHub Releases to CHANGELOG.md
- 33d0656 Modernised Usage example in README
- 9d05c55 Fixed up more README nits
- 08d6319 Fixed link to API docs
- 0e2235a Altered wording in README
- 76b6c56 Altered README header
- e3df365 Updated README
- 426930f Enabled CI to run when pushing tags
- a21d41f Fixed uploading binaries to commit artifacts
- bc978c7 Fixed CI step wording
- 7f744a1 Added prebuilt binaries via GitHub Releases
- b4b3c3a Deleted `scripts/` directory
- 71bbdea Pinned dev dependencies (#1558)
- a597383 Updated badges in README
- 0eb4a0f Deleted Travis and Appveyor configs
- b58d341 Downgraded `mocha` and `eslint`
- f39b10d Added missing Node versions to CI
- 8db96d4 Replaced Python extraction script with JS (#1570)
- 11c988c Fixed Windows build architecture in CI
- 8e63848 Updated Windows CI runner to `windows-latest`
- d9e7d8b Fixed building on MacOS Monterey 12.3
- 859b95b Updated `node-gyp` to v8.x
See the full diffPackage name: url-parse
The new version differs by 19 commits.- ad23357 1.5.9
- 0e3fb54 [fix] Strip all control characters from the beginning of the URL
- 61864a8 [security] Add credits for CVE-2022-0686
- bb0104d 1.5.8
- d5c6479 [fix] Handle the case where the port is specified but empty
- 4f2ae67 [security] Add credits for CVE-2022-0639
- 8b3f5f2 1.5.7
- ef45a13 [fix] Readd the empty userinfo to `url.href` (#226)
- 88df234 [doc] Add soft deprecation notice
- 78e9f2f [security] Fix nits
- e6fa434 [security] Add credits for incorrect handling of userinfo vulnerability
- 4c9fa23 1.5.6
- 7b0b8a6 Merge pull request #223 from unshiftio/fix/at-sign-handling-in-userinfo
- e4a5807 1.5.5
- 193b44b [minor] Simplify whitespace regex
- 319851b [fix] Remove CR, HT, and LF
- 4e53a8c [doc] Document that the returned hostname might be invalid
- 9be7ee8 [fix] Correctly handle userinfo containing the at sign
- f7774f6 [security] Fix typos in SECURITY.md
See the full diff