CLAassistant
commented
1 year ago
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.
Snyk has created this PR to upgrade passport from 0.5.3 to 0.6.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-PASSPORT-2840631
Why? Has a fix available, CVSS 4.8
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: passport
-
0.6.0 - 2022-05-20
-
0.5.3 - 2022-05-16
from passport GitHub release notes0.6.0
0.5.3
Commit messages
Package name: passport
- c33067b 0.6.0
- 3052bb4 Update changelog.
- 42630cb Merge pull request #900 from jaredhanson/fix-fixation
- 8dd79fe Use utils-merge rather than Object.assign for compatibility.
- 4f6bd5b Change keepSessionData to keepSessionData.
- 46756e5 Silence verbose logging.
- 987b191 Add tests.
- f8a175f Add tests.
- 29a90d6 No need to guard callback existence.
- bfba8a1 Add tests.
- 17111d7 Add option to keep session data on logout.
- a349c2b Add option to keep session data.
- e69834e Add optional options to login and logout.
- 8825a9a Add tests.
- c1991cf Add tests.
- 294f22c Better session detection and exceptions.
- 80cc4e3 Add tests.
- 3001654 Add tests.
- b395106 Clean up tests.
- cfa8259 Add tests.
- ee0bf81 Add tests.
- cc7606c Add tests.
- 71c54f6 Add test.
- 88c1f1b Handle logout without session manager.
CompareNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs