search

cblanc / sws_gathers

NSL Gathers App
http://gathers.ensl.org
8 stars 9 forks source link

[Snyk] Fix for 1 vulnerabilities #217

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Prototype Pollution
SNYK-JS-ASYNC-2441827		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: newrelic The new version differs by 250 commits.
  • 16f99e6 6.12.0
  • 70d13cb Merge pull request #461 from newrelic/release/v6.12.0
  • 419cdf9 fix typo
  • 406ba50 Release/v6.12.0
  • 46f76a9 Merge pull request #456 from tomashanacek/fix-large-json-insert-obfluscation
  • dd7094d Merge pull request #458 from michaelgoin/bump-native-metrics-version
  • eab7131 Updates native metrics license for license tests.
  • 0bd8f8d Bumps @ newrelic/native-metrics to ^5.3.0.
  • c87837a Fix large JSON inserts obfluscation
  • 791a719 Merge pull request #454 from michaelgoin/bump-aws-sdk
  • bdf7aa7 Fix @ newrelic/aws-sdk license in licenses tests.
  • 647e28e Bumps @ newrelic/aws-sdk to ^2.0.0.
  • a8fc4e6 Merge pull request #450 from RyanCopley/patch-1
  • d0e8304 Improved logging in the case of a failed instrumentation
  • 4fa8cad --oops-- Forgot to save test changes. I need to use a new module considering the require cache gets in the way.
  • 7c94c90 BE BOLD.
  • dd01e3e Merge branch 'astorm/shimmer-integration' of github.com:newrelic/node-newrelic into NR-416443
  • 0cd22ec Adding test for __NR_instrumented
  • e25afb1 Correct code style to match New Relic ESLint rules.
  • dd6cee3 NR-416443: On failed instrumentation, prevent multiple requires from re-wrapping shims
  • 761ba2c Merge pull request #448 from michaelgoin/update-license-formatting
  • e701087 Fixes first-line formatting for license file.
  • b66180a Merge pull request #447 from michaelgoin/remove-readme-language
  • 8b098ef Removes the 'remove this...' language from readme.
See the full diff
Package name: winston The new version differs by 250 commits.
  • b47d5d5 3.3.0
  • b6bc918 Prepare for v3.3.0
  • 9354721 doc: fix whitespace and trailing comma. (#1778)
  • 3d07a80 docs: add example of uncaughtRejections logging (#1780)
  • df25fa2 fix: change property of handleRejections (#1779)
  • 950cbcd Add options to request (#1777)
  • 1c75292 Update package-lock.json (#1772)
  • e7d13d5 Exclude unnecessary files from npm package (#1768)
  • 75f7edf Fix removes a logger when pass undefined transport (#1785)
  • 4b571ba This adds Node.js 14 and removes Node.js 8 as: (#1793)
  • 73ae01f Update Sentry transport `require` change (#1754)
  • 7b67eb0 Fix typo (#1750)
  • 1679c49 Fix Issue where winston removes transport on error (#1364) (#1714)
  • 0e0cf14 Fix #1690 (#1691)
  • 85a250a Node 12 is LTS now
  • bea9c34 Update README.md (#1743)
  • 319abf1 Add defaultMeta to Logger index.d.ts (#1736)
  • c719706 (typo) Missing label import in example (#1733)
  • 8944598 Update index.d.ts (#1729)
  • 7bb258c Fix `npm` logging levels on README.md (#1737)
  • 64744d7 #1567: document common transport options (#1723)
  • ae2335b Add Humio transport link to docs (#1705)
  • 785bd9e UPDATE levels on readme (http added) (#1650)
  • 4f44acb Add PostgresQL transport to list of community transports (#1697)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution