search

arcus-azure / arcus.eventgrid

Azure Event Grid development in a breeze
https://eventgrid.arcus-azure.net/
MIT License
17 stars 6 forks source link

[Snyk] Fix for 1 vulnerabilities #310

Open stijnmoreels opened 1 year ago

stijnmoreels commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - docs/package.json - docs/package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | No | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @docusaurus/core The new version differs by 250 commits.
  • 2a9e8f5 v2.0.0
  • 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (#7788)
  • d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (#7787)
  • e4fc47b Merge branch 'main' into docusaurus-v2
  • 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (#7784)
  • 1065e55 refactor(core): log Docusaurus & Node version before exiting (#7781)
  • 965a01e chore: port-2.0.0-rc.1 (#7782)
  • e78a15e chore: ci tests should run on version branches "docusaurus-vX" (#7783)
  • c751bc6 chore: regen v2.0.0-rc.1 examples (#7780)
  • d255389 chore: prepare v2.0.0-rc.1 release (#7778)
  • 443914a docs: add Bruce Wiki website to showcase (#7770)
  • f913af0 docs: release process, versioning, breaking changes, public API surface (#7706)
  • 9788944 refactor(theme): fix duplicate page metadata usage (#7777)
  • c48f338 fix(core): swizzle --eject js should not copy theme .d.ts files (#7776)
  • c3d2e0d fix(sitemap): complete gracefully when all pages have noIndex meta (#7774)
  • 665c311 chore: bump Infima to 0.2.0-alpha.42, fix a:hover link bug (#7771)
  • 1899a2e docs: add EverShop website to showcase (#7765)
  • 542228e fix(deploy): revert "feat(deploy): copy local git config to tmp repo (#7702)" (#7750)
  • a4b4a7f fix(migrate): import siteConfig with file extension (#7766)
  • 337463a chore(theme-translations): complete ko translations (#7762)
  • 9467da6 chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 (#7764)
  • cba8be0 fix(theme-classic): validate options properly (#7755)
  • 636d470 refactor(core): use has instead of get to test for existence in ExecEnv (#7763)
  • f21dadf docs: add StackQL Provider Registry to showcase (#7760)
See the full diff
Package name: @docusaurus/preset-classic The new version differs by 250 commits.
  • 2a9e8f5 v2.0.0
  • 2ef40c2 chore: Netlify branch deploys should only deploy default locale "en" (#7788)
  • d88f248 chore: add Netlify config for major version branch deploys (docusaurus-v2 branch) (#7787)
  • e4fc47b Merge branch 'main' into docusaurus-v2
  • 7f40350 chore: fix codesandbox playgrounds, use Node.js 16 version (#7784)
  • 1065e55 refactor(core): log Docusaurus & Node version before exiting (#7781)
  • 965a01e chore: port-2.0.0-rc.1 (#7782)
  • e78a15e chore: ci tests should run on version branches "docusaurus-vX" (#7783)
  • c751bc6 chore: regen v2.0.0-rc.1 examples (#7780)
  • d255389 chore: prepare v2.0.0-rc.1 release (#7778)
  • 443914a docs: add Bruce Wiki website to showcase (#7770)
  • f913af0 docs: release process, versioning, breaking changes, public API surface (#7706)
  • 9788944 refactor(theme): fix duplicate page metadata usage (#7777)
  • c48f338 fix(core): swizzle --eject js should not copy theme .d.ts files (#7776)
  • c3d2e0d fix(sitemap): complete gracefully when all pages have noIndex meta (#7774)
  • 665c311 chore: bump Infima to 0.2.0-alpha.42, fix a:hover link bug (#7771)
  • 1899a2e docs: add EverShop website to showcase (#7765)
  • 542228e fix(deploy): revert "feat(deploy): copy local git config to tmp repo (#7702)" (#7750)
  • a4b4a7f fix(migrate): import siteConfig with file extension (#7766)
  • 337463a chore(theme-translations): complete ko translations (#7762)
  • 9467da6 chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 (#7764)
  • cba8be0 fix(theme-classic): validate options properly (#7755)
  • 636d470 refactor(core): use has instead of get to test for existence in ExecEnv (#7763)
  • f21dadf docs: add StackQL Provider Registry to showcase (#7760)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/stijnmoreels/project/3bafa065-27c9-42bd-b9ba-4ae9024bde85?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/stijnmoreels/project/3bafa065-27c9-42bd-b9ba-4ae9024bde85?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"e14a1ca0-0ba2-4aac-acb5-f651330d4a5d","prPublicId":"e14a1ca0-0ba2-4aac-acb5-f651330d4a5d","dependencies":[{"name":"@docusaurus/core","from":"2.0.0-beta.6","to":"2.0.0"},{"name":"@docusaurus/preset-classic","from":"2.0.0-beta.6","to":"2.0.0"}],"packageManager":"npm","projectPublicId":"3bafa065-27c9-42bd-b9ba-4ae9024bde85","projectUrl":"https://app.snyk.io/org/stijnmoreels/project/3bafa065-27c9-42bd-b9ba-4ae9024bde85?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-SEMVER-3247795"],"upgrade":["SNYK-JS-SEMVER-3247795"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[696],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)
netlify[bot] commented 1 year ago

Deploy Preview for arcus-eventgrid failed.

Name Link
Latest commit 328be7779d3af8a36603c2921cf91df5ecd6e7ee
Latest deploy log https://app.netlify.com/sites/arcus-eventgrid/deploys/64af45b8eec4110007bdb3b4
codecov[bot] commented 1 year ago

Codecov Report

Patch and project coverage have no change.

Comparison is base (3d2e7ec) 87.44% compared to head (328be77) 87.44%.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #310 +/- ## ======================================= Coverage 87.44% 87.44% ======================================= Files 15 15 Lines 733 733 Branches 50 50 ======================================= Hits 641 641 Misses 74 74 Partials 18 18 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.