socket-security[bot]
commented
1 year ago New dependency changes detected. Learn more about Socket for GitHub βοΈ
π No new dependency issues detected in pull request
Bot Commands
To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all
Pull request alert summary
| Issue | Status |
|---|---|
| Install scripts | β 0 issues |
| Native code | β 0 issues |
| Bin script shell injection | β 0 issues |
| Unresolved require | β 0 issues |
| Invalid package.json | β 0 issues |
| HTTP dependency | β 0 issues |
| Git dependency | β 0 issues |
| Potential typo squat | β 0 issues |
| Known Malware | β 0 issues |
| Telemetry | β 0 issues |
| Protestware/Troll package | β 0 issues |
π Modified Dependency Overview:
| β Added Package | Capability Access | +/- Transitive Count |
Publisher |
|---|---|---|---|
| body-parser@1.20.2 | None | +2 |
dougwilson |
coveralls
sonarcloud[bot]
Snyk has created this PR to upgrade body-parser from 1.20.1 to 1.20.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Release notes
Package name: body-parser
-
1.20.2 - 2023-02-22
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- perf: skip value escaping when unnecessary
- deps: raw-body@2.5.2
-
1.20.1 - 2022-10-06
- deps: qs@6.11.0
- perf: remove unnecessary object clone
from body-parser GitHub release notesCommit messages
Package name: body-parser
- ee91374 1.20.2
- 368a93a Fix strict json error message on Node.js 19+
- 0385872 deps: raw-body@2.5.2
- 2c35b41 build: eslint@8.34.0
- f0646c2 build: Node.js@18.14
- f345fb1 build: Node.js@14.21
- 6842efc deps: content-type@~1.0.5
- 5af7315 build: eslint-plugin-promise@6.1.1
- 8e605b3 build: supertest@6.3.3
- cba6e77 build: mocha@10.2.0
- 6a464ab build: eslint-plugin-import@2.27.5
- 7ebf276 build: eslint@8.32.0
- 69bb649 build: Node.js@16.19
- 8ff995f docs: switch badges to badgen
- 850832f build: Node.js@18.13
- dad8f34 build: actions/download-artifact@v3
- b17df32 build: use $GITHUB_OUTPUT for environment list
- d22513a build: actions/upload-artifact@v3
- 9f44f7b build: actions/checkout@v3
- 48e18ea build: mocha@10.1.0
CompareNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
π§ View latest project report
π Adjust upgrade PR settings
π Ignore this dependency or unsubscribe from future upgrade PRs