search

cameri / nostream

A Nostr Relay written in TypeScript
MIT License
729 stars 188 forks source link

[Snyk] Upgrade pg from 8.8.0 to 8.9.0 #213

Closed snyk-bot closed 1 year ago

snyk-bot commented 1 year ago

Snyk has created this PR to upgrade pg from 8.8.0 to 8.9.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Release notes
Package name: pg from pg GitHub release notes
Commit messages
Package name: pg
  • 20a243e Publish
  • 5bdc61a Remove expired sponsors
  • 47afe5c Attempt to fix timing test flake on older versions of node in CI (#2902)
  • bb8745b Fix SASL to bubble up errors, enable SASL tests in CI, and add informative empty SASL password message (#2901)
  • f82f39c Add support to stream factory (#2898)
  • 3e34816 Update title (#2886)
  • c6c05f8 Bump JSONStream from 0.7.4 to 1.3.5 (#2874)
  • 16118ce Bump eslint-config-prettier from 6.12.0 to 8.5.0 (#2875)
  • 27d612a Update docs (#2867)
  • 12b9a69 update docs - clean up interface (#2863)
  • c7dc621 pg-cursor: Fix errors only being sent to half the queue (#2831)
  • c7133eb ci: remove git credentials after checkout (#2858)
  • 15b502d refactor(pg): remove unused imports (#2854)
  • c253eb6 Bump chai from 4.2.0 to 4.3.6 (#2851)
  • 0965531 Bump typescript from 4.0.3 to 4.8.4 (#2850)
  • 89b4e7f Fix devcontainer build failure due to env var being interpreted as non-string (#2844)
  • 5538df6 Bump @ typescript-eslint/eslint-plugin from 4.4.0 to 4.33.0 (#2826)
  • 406f141 perf: remove superfluous flush message (#2842)
  • c7dc7fd Bump pgpass from 1.0.2 to 1.0.5 (#2827)
  • 1aa0827 Migrate docs repo into monorepo (#2823)
  • 5bcc05d pg-protocol: fix link to message format docs (#2835)
  • 9dfb3dc perf(pg): use native crypto.pbkdf2Sync in sasl auth (#2815)
  • 9e2d7c4 Update pg.connect with pool.connect (#2822)
  • 9a95ee7 pg-query-stream: Add missing peer dependency on pg (#2813)
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

socket-security[bot] commented 1 year ago

Socket Security Pull Request Report

👍 No new dependency issues detected in pull request

Pull request report summary
Issue Status
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script confusion ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

Powered by socket.dev

coveralls commented 1 year ago

Pull Request Test Coverage Report for Build 4207738920

Totals Coverage Status
Change from base Build 4207730256: 0.0%
Covered Lines: 1174
Relevant Lines: 1951
💛 - Coveralls
sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

github-actions[bot] commented 1 year ago

:tada: This PR is included in version 1.22.5 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: