coinolio / coinolio

Open source Bitcoin and Altcoin portfolio / trades logging and tracking. Including Profit / Loss calculations, Price Charts and realtime updates.
MIT License

[Snyk] Security upgrade kue-scheduler from 0.7.4 to 0.8.2 #54

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| high severity | 768/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Prototype Pollution (SNYK-JS-ASYNC-2441827) | No | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: kue-scheduler
The new version differs by 25 commits.
  • f3afe5d chore: generate latest changelog
  • 807e6fa chore: force audit fixes
  • aeca9a6 chore: force latest dependencies
  • e59bab8 Merge pull request #126 from WeeverApps/master
  • 9443e8d Tests for `restore:true` error fix (#2)
  • ef5cb31 Bind `this` to `done` on error (#1)
  • af47b9a Force latest dependencies && audit fix
  • d056aef Improve
  • 294ce2b Merge pull request #124 from ghosind/master
  • 283da91 fix not remove job when set removeOnComplete and it is done
  • efab8a8 Merge pull request #115 from respinha-ribeiro/Queue#schedule-setJobDataKey
  • 3d0eeaa Merge pull request #120 from CristiCimpianu/master
  • 89c0d32 bump date, grunt and moment after npm audit
  • 33a2aa3 Merge pull request #118 from CristiCimpianu/master
  • 696789b bump lodash due to vulnerability
  • cc7a5c2 Merge pull request #117 from Pelsin/patch-1
  • 90d7a6e Fixed some typos in readme.md
  • ca20429 'use strict' fix
  • 3fc6d4c 'const' restriction
  • 8b11efd Added saveUniqueJob to Queue#schedule waterfall functions
  • 2beaa2c Merge pull request #114 from CristiCimpianu/master
  • 46d701f Merge pull request #111 from markbahnman/readme-typo
  • c555743 fixed unit test after adding cronTime timezone
  • 5416dcc kue-scheduler next run calculation ignores timezone

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
