Open snyk-bot opened 1 year ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3
SNYK-JS-LUXON-3225081
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: luxon
The new version differs by 31 commits.- 16a1aa3 bump to 1.38.1
- 612e0c7 fix rfc2822 regex
- 9dcec8c bump to 1.28.0
- a0f42a2 Fixed small typo (#952)
- 307b135 Docs typo on dst weirdness (#962)
- 1f99fdd fix ISO year-ordinal strings with offsets (#966)
- e0c8f87 .toSeconds() returns seconds.milliseconds (#944)
- 2d66ce4 Clarify toFormat docs (#938)
- 043f2b9 bump to 1.27.0
- 6ae0524 update node install instructions. Closes #682
- 9a7e46b feat: multiple units support in toRelative (#926)
- 3d74e60 Add opt to use existing loc obj in weekdays/months (#877)
- 8899e9f Bump y18n from 4.0.0 to 4.0.1 (#913)
- fc997c4 Bump lodash from 4.17.19 to 4.17.21 (#930)
- 2b1c557 [docs] Update Duration#get docs to show `get` method use (#929)
- d0ed527 Updated JSDoc on `DateTime.fromISO` (#919)
- 34add62 Prevent error from being thrown in IANAZone.offset (#906)
- 88eae19 Add check for etc zone support before use (#918)
- da04179 Add duration fromISO negative millisecond handling (#887)
- c34afb1 856: fixed Etc/GMT0 yields Invalid DateTime (#897)
- 2d36a9c Fixed DRY principle violation in DateTime.local() (#898)
- 63b0ab8 Fix small typo in math docs (#895)
- d253afc Adding validation for mixing incompatible units (#861)
- c3be6a4 #927: Return null when calling intersection() on abutting Intervals (#928)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)