Open snyk-bot opened 2 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 9.8
SNYK-JS-FORMIDABLE-2838956
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: formidable
The new version differs by 250 commits.- 143e473 chore: prepare release
- 2f553b4 docs: use slugify in the example
- 9969c25 refactor: code style
- 5103d09 feat: stop extension from being '.'
- 67c6a3f feat: allow numbers in file extensions
- 78de849 feat: stop at first invalid char
- 5fdb2d0 fix: replace regex with reliable filtering
- d2bd18d tests: add a test case that proves that the regex was always bad
- 703bec4 tests: add comment
- 15afa8a docs: add comment
- d3a05e9 add failing test case
- 971e3a7 chore: publish
- 92df3c8 fix: IncomingForm end event emitted twice (#852)
- 21efa7d chore(deps): bump istanbul-reports from 3.0.2 to 3.1.4 (#844)
- 8009584 chore(kodiak): always update PRs
- d6c17f1 chore: fix dependabot error
- 7ea655e chore: do not add reviewers to dep update prs (#845)
- 635b4f8 chore: add Dependabot settings (#837)
- a93060c chore: fix kodiak config (#838)
- 7fbf974 chore: add KodiakHQ service (#836)
- 786f2e1 chore(deps): bump ansi-regex from 4.1.0 to 4.1.1 (#835)
- 4718b78 chore(security): meta, add CodeQL action (#832)
- db22330 chore: remove auto-comment bot (#833)
- ab698ff chore(meta): remove LabelSponsors Action (#834)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.