search

dbartholomae / lambda-middleware

A collection of middleware for AWS lambda functions.
https://dbartholomae.github.io/lambda-middleware/
MIT License
151 stars 18 forks source link

[Snyk] Security upgrade ts-jest from 24.3.0 to 25.3.0 #17

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 Yes Proof of Concept
Commit messages
Package name: ts-jest The new version differs by 165 commits.
  • ad58c9b chore(release): 25.3.0
  • 949e3e1 chore: update package-lock.json
  • b8ebf36 docs: add Troubleshoting section (#1463)
  • 8b5325e chore(transformer): only do type checking for js/jsx/ts/tsx file (#1464)
  • 58b05b1 chore: replace travis-ci.org with travis-ci.com (#1469)
  • 79e8fdf build(deps-dev): bump jest from 25.2.3 to 25.2.4 (#1468)
  • dddce1c build(deps-dev): bump @jest/transform from 25.2.3 to 25.2.4 (#1467)
  • d811bae build(deps-dev): bump lint-staged from 10.0.9 to 10.0.10 (#1466)
  • ecc8312 build(deps-dev): bump @types/react from 16.9.26 to 16.9.27 (#1462)
  • c10ad4a chore(compiler): improve performance for language service (#1461)
  • 455ee5b build(deps-dev): bump @jest/transform from 25.2.1 to 25.2.3 (#1459)
  • 1641cfb build(deps-dev): bump jest from 25.2.2 to 25.2.3 (#1460)
  • 3010ec8 build(deps-dev): bump @jest/types from 25.2.1 to 25.2.3 (#1458)
  • 26a81f0 build(deps-dev): bump @types/react from 16.9.25 to 16.9.26 (#1457)
  • 99c552d build(deps-dev): bump jest from 25.2.1 to 25.2.2 (#1455)
  • 5214f1b build(deps): bump yargs-parser from 18.1.1 to 18.1.2 (#1456)
  • 79478ae build(deps-dev): bump tslint-plugin-prettier from 2.2.0 to 2.3.0 (#1454)
  • 107e062 fix: always do type check for all files provided to ts-jest transformer (#1450)
  • 1e34075 build(deps-dev): bump @jest/types from 25.2.0 to 25.2.1 (#1452)
  • ba5a6c4 build(deps-dev): bump @jest/transform from 25.2.0 to 25.2.1 (#1451)
  • e857f5b build(deps-dev): bump jest from 25.2.0 to 25.2.1 (#1453)
  • 4981da8 Merge pull request #1447 from kulshekhar/dependabot/npm_and_yarn/jest/types-25.2.0
  • ea8240a Merge pull request #1448 from kulshekhar/dependabot/npm_and_yarn/jest/transform-25.2.0
  • e50db11 build(deps-dev): bump @jest/types from 25.1.0 to 25.2.0
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic