CLAassistant
commented
3 years ago
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Has a fix available, CVSS 7.4
SNYK-JS-ADMZIP-1065796
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: geckodriver
The new version differs by 49 commits.- 923b74d 1.22.2
- 524f6eb Bump adm-zip from 0.4.16 to 0.5.3 (#80)
- 1695920 1.22.1
- 10b1096 bump default binary to 0.29.0 (#79)
- fcafb70 1.21.1
- 02b0d78 Fix Test
- a65ff5b Bump ini from 1.3.5 to 1.3.7 (#78)
- 7e68708 Bumb default geckodriver version (#77)
- 8007425 1.20.0
- 2c90b43 Update deps and geckodriver (#76)
- 47a1cfc GECKODRIVER_VERSION from .npmrc (#75)
- acff435 Bump lodash from 4.17.15 to 4.17.19 (#74)
- 6d46725 fix: Update proxy (#73)
- 94d905a Bump acorn from 5.7.3 to 5.7.4 (#72)
- 8a5f235 1.19.1
- c93f289 Updates https-proxy-agent for the node advisory. (#69)
- 2e2c4aa 1.19.0
- 2336fe3 Changelog updates
- 8b025a8 update geckodriver to 0.26 (#68)
- c9a7049 1.18.0
- 59331e5 update default driver version to 0.25.0 (#67)
- d87d6fa 1.17.0
- 6124339 Add package-lock.json
- f497b6d skip geckodriver download (#66)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic