search

averissimo / write2sheet

Simple Node.js library to write to Google Sheets
GNU General Public License v3.0
0 stars 0 forks source link

[Snyk] Security upgrade xo from 0.33.1 to 0.42.0 #94

Closed averissimo closed 2 weeks ago

averissimo commented 10 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Denial of Service (DoS)
[SNYK-JS-DECODEURICOMPONENT-3149970](https://snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970) | No | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: xo The new version differs by 76 commits.
  • ab16df2 0.42.0
  • de55a03 Upgrade dependencies
  • 34800b7 Upgrade `globby` (#574)
  • f81e933 Re-enable `import/newline-after-import` rule
  • 47af93e 0.41.0
  • af93e79 Upgrade dependencies
  • 0733cc5 Fix code style (#570)
  • ab17a3c Lint `.cjs` files in codebase (#569)
  • 0a752c7 Update dependencies (#568)
  • 41c8f39 Convert project to module (#566)
  • b3c5e15 Fix typo (#567)
  • 2ef9f22 Prevent the `useEslintrc` option from being used (#565)
  • 41f0484 0.40.3
  • 374dd73 Support `xo.config.cjs` and `.xo-config.cjs` (#561)
  • 3e7b77c Remove some needless imports (#560)
  • 6adf459 Remove `update-notifier`
  • b6389ef 0.40.2
  • 7ace6e5 Fix handling of `parserOptions` for TypeScript (#557)
  • 7629ce0 0.40.1
  • d2c5750 Properly resolve base config (#545)
  • e9c96a1 Properly handle `parserOptions` (#544)
  • 8e1801c Avoid destructuring and just build the expected object once (#538)
  • 4cfdc72 Fix CI
  • 56be018 0.40.0
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/averissimo/project/c0e58fb6-7084-49b4-9b48-1ba2b82456cb?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/averissimo/project/c0e58fb6-7084-49b4-9b48-1ba2b82456cb?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"8d09510f-3a80-4e64-8b39-dd9225dab494","prPublicId":"8d09510f-3a80-4e64-8b39-dd9225dab494","dependencies":[{"name":"xo","from":"0.33.1","to":"0.42.0"}],"packageManager":"npm","projectPublicId":"c0e58fb6-7084-49b4-9b48-1ba2b82456cb","projectUrl":"https://app.snyk.io/org/averissimo/project/c0e58fb6-7084-49b4-9b48-1ba2b82456cb?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-DECODEURICOMPONENT-3149970"],"upgrade":["SNYK-JS-DECODEURICOMPONENT-3149970"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[696],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Denial of Service (DoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr)