Closed snyk-bot closed 1 year ago
New dependency changes detected. Learn more about Socket for GitHub ↗︎
👍 No new dependency issues detected in pull request
To ignore an alert, reply with a comment starting with @SocketSecurity ignore
followed by a space separated list of package-name@version
specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@*
or ignore all packages with @SocketSecurity ignore-all
Issue | Status |
---|---|
Install scripts | ✅ 0 issues |
Native code | ✅ 0 issues |
Bin script shell injection | ✅ 0 issues |
Unresolved require | ✅ 0 issues |
Invalid package.json | ✅ 0 issues |
HTTP dependency | ✅ 0 issues |
Git dependency | ✅ 0 issues |
Potential typo squat | ✅ 0 issues |
Known Malware | ✅ 0 issues |
Telemetry | ✅ 0 issues |
Protestware/Troll package | ✅ 0 issues |
📊 Modified Dependency Overview:
⬆️ Updated Package | Version Diff | Added Capability Access | +/- Transitive Count |
Publisher |
---|---|---|---|---|
ws@8.13.0 | 8.12.0...8.13.0 | None | +0/-0 |
lpinca |
Totals | |
---|---|
Change from base Build 4713771339: | 0.0% |
Covered Lines: | 1212 |
Relevant Lines: | 2136 |
Kudos, SonarCloud Quality Gate passed!
Snyk has created this PR to upgrade ws from 8.12.0 to 8.13.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Release notes
Package name: ws
Features
finishRequest
option to support late addition of headers (#2123).Bug fixes
browser
condition to package.json (#2118).Features
utf-8-validate@6
(ff63bba).Other notable changes
buffer.isUtf8()
is now used instead ofutf-8-validate
if available(42d79f6).
Commit messages
Package name: ws
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs