Open sk91 opened 5 years ago
snyk test --dev
Testing /Users/maximk/projects/selfkey/Identity-Wallet...
✗ Low severity vulnerability found in lodash.merge
Description: Prototype Pollution
Info: https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173732
Introduced through: @commitlint/cli@7.2.1
From: @commitlint/cli@7.2.1 > lodash.merge@4.6.1
✗ Low severity vulnerability found in lodash
Description: Prototype Pollution
Info: https://snyk.io/vuln/SNYK-JS-LODASH-73638
Introduced through: snyk@1.110.2
From: snyk@1.110.2 > snyk-nodejs-lockfile-parser@1.7.1 > lodash@4.17.10
Remediation:
Upgrade direct dependency snyk@1.110.2 to snyk@1.124.1 (triggers upgrades to snyk@1.124.1 > snyk-nodejs-lockfile-parser@1.10.2 > lodash@4.17.11)
✗ Low severity vulnerability found in braces
Description: Regular Expression Denial of Service (ReDoS)
Info: https://snyk.io/vuln/npm:braces:20180219
Introduced through: jest@23.6.0, babel-jest@23.6.0, jest-cucumber@1.0.11, commitizen@3.0.5
From: jest@23.6.0 > jest-cli@23.6.0 > micromatch@2.3.11 > braces@1.8.5
From: babel-jest@23.6.0 > babel-plugin-istanbul@4.1.6 > test-exclude@4.2.3 > micromatch@2.3.11 > braces@1.8.5
From: jest-cucumber@1.0.11 > jest@23.6.0 > jest-cli@23.6.0 > micromatch@2.3.11 > braces@1.8.5
and 123 more...
Remediation:
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency babel-jest@23.6.0 to babel-jest@24.0.0 (triggers upgrades to babel-jest@24.0.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-haste-map@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency commitizen@3.0.5 to commitizen@3.0.6 (triggers upgrades to commitizen@3.0.6 > find-node-modules@2.0.0 > findup-sync@3.0.0 > micromatch@3.0.4 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-haste-map@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-haste-map@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-haste-map@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-jasmine2@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-haste-map@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-resolve-dependencies@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-haste-map@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-haste-map@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-jasmine2@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > expect@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-jasmine2@24.0.0 > expect@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-jasmine2@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-resolve-dependencies@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-haste-map@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > jest-environment-node@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-jasmine2@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-config@24.0.0 > babel-jest@24.0.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-jasmine2@24.1.0 > expect@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > babel-jest@24.1.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-jasmine2@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-environment-node@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > babel-jest@24.0.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > jest-environment-node@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-jasmine2@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > expect@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > expect@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-config@24.0.0 > babel-jest@24.0.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > expect@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-config@24.1.0 > jest-environment-node@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > expect@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > babel-jest@24.1.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-snapshot@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > babel-jest@24.0.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > expect@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > expect@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-jasmine2@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > jest-environment-node@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-environment-node@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-config@24.1.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > babel-jest@24.1.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > jest-config@24.0.0 > jest-environment-node@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-environment-node@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > expect@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-environment-jsdom@24.0.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-snapshot@24.1.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > babel-jest@24.1.0 > babel-plugin-istanbul@5.1.0 > test-exclude@5.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > jest-config@24.1.0 > jest-jasmine2@24.1.0 > jest-util@24.0.0 > jest-message-util@24.0.0 > micromatch@3.1.10 > braces@2.3.1)
✗ Medium severity vulnerability found in mem
Description: Denial of Service (DoS)
Info: https://snyk.io/vuln/npm:mem:20180117
Introduced through: jest@23.6.0, npm-check@5.9.0, jest-cucumber@1.0.11
From: jest@23.6.0 > jest-cli@23.6.0 > yargs@11.1.0 > os-locale@2.1.0 > mem@1.1.0
From: npm-check@5.9.0 > depcheck@0.6.11 > yargs@8.0.2 > os-locale@2.1.0 > mem@1.1.0
From: jest@23.6.0 > jest-cli@23.6.0 > jest-runtime@23.6.0 > yargs@11.1.0 > os-locale@2.1.0 > mem@1.1.0
and 4 more...
Remediation:
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > yargs@12.0.2 > os-locale@3.0.1 > mem@4.0.0)
Some paths have no direct dependency upgrade that can address this issue. Run `snyk wizard` to explore remediation options.
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runtime@24.0.0 > yargs@12.0.2 > os-locale@3.0.1 > mem@4.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > yargs@12.0.2 > os-locale@3.0.1 > mem@4.0.0)
Upgrade direct dependency jest@23.6.0 to jest@24.0.0 (triggers upgrades to jest@24.0.0 > jest-cli@24.0.0 > jest-runner@24.0.0 > jest-runtime@24.0.0 > yargs@12.0.2 > os-locale@3.0.1 > mem@4.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runtime@24.1.0 > yargs@12.0.2 > os-locale@3.0.1 > mem@4.0.0)
Upgrade direct dependency jest-cucumber@1.0.11 to jest-cucumber@2.0.6 (triggers upgrades to jest-cucumber@2.0.6 > jest@24.1.0 > jest-cli@24.1.0 > jest-runner@24.1.0 > jest-runtime@24.1.0 > yargs@12.0.2 > os-locale@3.0.1 > mem@4.0.0)
✗ Medium severity vulnerability found in lodash
Description: Regular Expression Denial of Service (ReDoS)
Info: https://snyk.io/vuln/SNYK-JS-LODASH-73639
Introduced through: snyk@1.110.2
From: snyk@1.110.2 > snyk-nodejs-lockfile-parser@1.7.1 > lodash@4.17.10
Remediation:
Upgrade direct dependency snyk@1.110.2 to snyk@1.124.1 (triggers upgrades to snyk@1.124.1 > snyk-nodejs-lockfile-parser@1.10.2 > lodash@4.17.11)
✗ High severity vulnerability found in shelljs
Description: Command Injection
Info: https://snyk.io/vuln/npm:shelljs:20140723
Introduced through: commitizen@3.0.5
From: commitizen@3.0.5 > shelljs@0.7.6
Organisation: sk91
Package manager: yarn
Target file: yarn.lock
Open source: no
Project path: /Users/maximk/projects/selfkey/Identity-Wallet
Local Snyk policy: found
Tested 2239 dependencies for known vulnerabilities, found 6 vulnerabilities, 137 vulnerable paths.
[ ] Regular Expression Denial of Service (ReDoS)
[ ] Prototype Pollution
[ ] fix dev warnings as well
[ ] install yarn 1.13.0 as dev dependancy
[ ] fix any additional issues
yarn audit
will report[ ] revisit snyk policy and update if needed