commonality / readme-inspector

䷂ Verify the existence—and assess the quality—of README files on GitHub (Enterprise) repositories.
https://commonality.github.io/readme-inspector/
MIT License

[Snyk] Security upgrade got from 8.3.0 to 9.0.0 #91

Open snyk-bot opened 1 year ago

snyk-bot commented 1 year ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| medium severity | 551/1000 (Why? Recently disclosed, Has a fix available, CVSS 5.3) | Regular Expression Denial of Service (ReDoS), SNYK-JS-HTTPCACHESEMANTICS-3248783 | Yes | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: got

The new version differs by 79 commits.
  • 3a145c0 9.0.0
  • bf3c463 Fix readme Highlights link to `retry` option
  • ba0cb0d Unify calculating content-length (#544)
  • 5c3adba Increase coverage (#543)
  • 10d22b7 Increase coverage (#542)
  • 99dbd97 Fix the behaviour of proxying headers
  • 4d92eb6 Ignore JSON option when using `got.stream()` (#541)
  • 6ba9e68 Fix the description of the `next()` function
  • bf206ca Don't recommend setting `user-agent` to undefined
  • 80a02fe Update readme links to Electron-related issues
  • af5c3fd Improve merging options (#539)
  • d369b08 Make `got.mergeOptions()` behavior more obvious and document its behavior (#538)
  • 6d654fa Drop `ESOCKETTIMEDOUT` error
  • da7f055 Add timeout for secureConnect event for HTTPS requests (#536)
  • 9d87e9f Document `TimeoutError`
  • 11a2f0f Change HTTP retry methods to lowercase
  • b504346 Minor code style tweaks
  • 2f43923 Update dependencies
  • da4f236 Customize timeouts and generally improve the whole thing (#534)
  • 8cccd8a Expose `assignOptions` (#530)
  • 2649270 Pass normalized options to the handler (#532)
  • 07a91cc fix: formatted query should be assigned to options.search (#519)
  • 58c12de Move upload progress plumbing to its own module (#531)
  • 75fd8d3 Test that timeout error is not erroneously emitted using promise interface (#529)

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
