Zooz / predator-runner

Docker image that runs predator tests
Apache License 2.0
5 stars 6 forks source link

[Snyk] Security upgrade request from 2.87.0 to 2.88.0 #42

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 405/1000
Why? CVSS 8.1
Prototype Pollution
SNYK-JS-AJV-584908
No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: request The new version differs by 13 commits.
  • 6420240 2.88.0
  • bd22e21 fix: massive dependency upgrade, fixes all production vulnerabilities
  • 925849a Merge pull request #2996 from kwonoj/fix-uuid
  • 7b68551 fix(uuid): import versioned uuid
  • 5797963 Merge pull request #2994 from dlecocq/oauth-sign-0.9.0
  • 628ff5e Update to oauth-sign 0.9.0
  • 10987ef Merge pull request #2993 from simov/fix-header-tests
  • cd848af These are not going to fail if there is a server listening on those ports
  • a92e138 #515, #2894 Strip port suffix from Host header if the protocol is known. (#2904)
  • 45ffc4b Improve AWS SigV4 support. (#2791)
  • a121270 Merge pull request #2977 from simov/update-cert
  • bd16414 Update test certificates
  • 536f0e7 2.87.1
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic