search

Soluto / webdriverio-zap-proxy

Demo - how to easily build security testing for Web App, using Zap and Glue
MIT License
58 stars 13 forks source link

[Snyk] Security upgrade webdriverio from 4.6.2 to 4.11.0 #24

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 551/1000
Why? Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090599		 No No Known Exploit
medium severity 551/1000
Why? Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090600		 No No Known Exploit
medium severity 551/1000
Why? Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090601		 No No Known Exploit
medium severity 551/1000
Why? Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090602		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: webdriverio The new version differs by 250 commits.
  • a19980a 4.11.0
  • ce08a0b update package-lock
  • 17c716d update changelog
  • 34fab6d skip test for IE
  • a5d296b remove validator dependency
  • e8686ea increase framework timeout to 10m when debugging is enabled
  • b600037 propagate process.execArgv if given
  • 9a7cf2a remove log type check
  • 441948c Revert "Add process.stdout.isTTY"
  • fdc802d Add new selector strategies from WebdriverAgent
  • d48df91 fix: Two functions in launcher were missing 2nd argument in reduce fn
  • c4e3392 minor doc fix
  • 0dec0a7 #2588 return false for element that is not visible within viewport
  • d49de6a #2588 the Error needs to be thrown to be handled correctly
  • 3c6fced #2588: test to cover the issue
  • 5977e83 4.10.2
  • 2ed6eb1 eslint fix
  • ea84968 update changelog
  • da6d7bb Move one line after the heading
  • 81793a0 Add Unit Test for new Unknown Command message
  • 4d15da4 Add another UnknownCommand indicator
  • bb7f289 Fix allure open command
  • 97f3190 Update touchAction.js
  • a83ae90 Added link to bail config for more info
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic