This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **661/1000** **Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime [SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | No Known Exploit
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: bcrypt
The new version differs by 156 commits.
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/matthojo/project/92b2dab9-11a4-4426-96a5-4ebc33f3b30e?utm_source=github&utm_medium=referral&page=fix-pr)
🛠 [Adjust project settings](https://app.snyk.io/org/matthojo/project/92b2dab9-11a4-4426-96a5-4ebc33f3b30e?utm_source=github&utm_medium=referral&page=fix-pr/settings)
📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"a83d3e38-bdac-4042-96a4-79e60b2a2be1","prPublicId":"a83d3e38-bdac-4042-96a4-79e60b2a2be1","dependencies":[{"name":"bcrypt","from":"2.0.1","to":"5.0.1"},{"name":"ccxt","from":"1.95.43","to":"2.4.20"}],"packageManager":"npm","projectPublicId":"92b2dab9-11a4-4426-96a5-4ebc33f3b30e","projectUrl":"https://app.snyk.io/org/matthojo/project/92b2dab9-11a4-4426-96a5-4ebc33f3b30e?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-INFLIGHT-6095116"],"upgrade":["SNYK-JS-INFLIGHT-6095116"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[661],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **661/1000****Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: bcrypt
The new version differs by 156 commits.- 2f124bd Fix artifact upload path
- 10eacf5 Prepare v5.0.1
- 6eacfe1 Merge pull request #856 from kelektiv/update-deps
- feb477c Update node-pre-gyp to 1.0.0
- 42c8b0c Merge pull request #852 from kelektiv/update-deps
- bafefc3 Update packages
- 7c5d8df Merge pull request #851 from recrsn/node-15-ci
- 1ba55f9 Add Node 15 to CI
- 19c06c1 Update Node version compatibility info
- 09cb4fc Merge pull request #825 from dogon11/patch-1
- 2821c03 Merge pull request #811 from techhead/use_buffers
- 63c8403 Merge pull request #838 from alete89/docs/improve-hash-info
- 984ef18 remove reference to $2y$ algo identifier
- 630c897 fixes: #828
- 0f93284 README.md typo fix
- 4125ebc Update README.md
- f503e57 Create SECURITY.md
- f158e6e Allow optional use of Node Buffers.
- 8866277 Deploy on any travis tag
- 61139e6 v5.0.0
- 1bde62c Update node-pre-gyp to 0.15.0
- 40770d6 Add NodeJS 14 to appveyor CI
- 5916a46 Merge pull request #807 from techhead/known_length
- f28e916 Reword comment
See the full diffPackage name: ccxt
The new version differs by 250 commits.- 559e617 2.4.20
- 0ba94a8 Merge pull request #16108 from carlosmiei/fast-build
- ab45aa5 2.4.19
- d06adcf Merge branch 'master' of github.com:ccxt/ccxt into fast-build
- a2e5752 Merge pull request #16110 from carlosmiei/disable-cryptocom-ws
- 84bb652 disable cryptocom WS
- bc0b2b2 Merge pull request #16109 from carlosmiei/bybit-ohlcv
- e7f0d2e fix ohlcv timestamp
- 499a87f parallel build WS
- a72e1af update package.json
- 7687fca fast build rest
- 0c1debc 2.4.18
- 558960b Merge pull request #16101 from carlosmiei/zb-ws-futures
- e1b77ba small fix
- 8d1dcca pro implementation
- 8f00c91 Merge branch 'master' of github.com:ccxt/ccxt into zb-update-future
- 82f22f6 add
- d97bc63 2.4.17
- c1a1aca Merge pull request #16095 from origccxt/bitmart_orderbook_fix
- f3418c3 2.4.16
- 9248b39 Merge pull request #16098 from ndubel/patch-89
- c9b0d7e 2.4.15
- 3b7bc67 Merge pull request #16100 from carlosmiei/bybit-fix-ohlcv
- af92eb7 fix empty OHLCV
See the full diff