[Snyk] Upgrade url-parse from 1.5.1 to 1.5.10

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade url-parse from 1.5.1 to 1.5.10.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
:sparkles: Snyk has automatically assigned this pull request, [set who gets assigned](https://app.snyk.io/org/vishwas1/project/2720c8e6-f642-42c7-953d-4401e8d2c85f/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr/settings/integration). :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

- The recommended version is **9 versions** ahead of your current version. - The recommended version was released **2 years ago**, on 2022-02-22. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------

| Improper Input Validation
[SNYK-JS-URLPARSE-2407770](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770) | **726/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Proof of Concept

| Open Redirect
[SNYK-JS-URLPARSE-1533425](https://snyk.io/vuln/SNYK-JS-URLPARSE-1533425) | **726/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Proof of Concept

| Access Restriction Bypass
[SNYK-JS-URLPARSE-2401205](https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205) | **726/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Proof of Concept

| Authorization Bypass
[SNYK-JS-URLPARSE-2407759](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759) | **726/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Proof of Concept

| Authorization Bypass Through User-Controlled Key
[SNYK-JS-URLPARSE-2412697](https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697) | **726/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: url-parse

1.5.10 - 2022-02-22

1.5.10

  </li>
  <li>
    <b>1.5.9</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.9">2022-02-20</a></br><p>1.5.9</p>
  </li>
  <li>
    <b>1.5.8</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.8">2022-02-19</a></br><p>1.5.8</p>
  </li>
  <li>
    <b>1.5.7</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.7">2022-02-16</a></br><p>1.5.7</p>
  </li>
  <li>
    <b>1.5.6</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.6">2022-02-13</a></br><p>1.5.6</p>
  </li>
  <li>
    <b>1.5.5</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.5">2022-02-13</a></br><p>1.5.5</p>
  </li>
  <li>
    <b>1.5.4</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.4">2021-12-28</a></br><p>[dist] 1.5.4</p>
  </li>
  <li>
    <b>1.5.3</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.3">2021-07-25</a></br><p>[dist] 1.5.3</p>
  </li>
  <li>
    <b>1.5.2</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.2">2021-07-25</a></br><p>[dist] 1.5.2</p>
  </li>
  <li>
    <b>1.5.1</b> - <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases/tag/1.5.1">2021-02-18</a></br><p>[dist] 1.5.1</p>
  </li>
</ul>
from <a href="https://snyk.io/redirect/github/unshiftio/url-parse/releases">url-parse GitHub release notes</a>

Commit messages

Package name: url-parse

8cd4c6c 1.5.10
ce7a01f [fix] Improve handling of empty port
0071490 [doc] Update JSDoc comment
a7044e3 [minor] Use more descriptive variable name
d547792 [security] Add credits for CVE-2022-0691
ad23357 1.5.9
0e3fb54 [fix] Strip all control characters from the beginning of the URL
61864a8 [security] Add credits for CVE-2022-0686
bb0104d 1.5.8
d5c6479 [fix] Handle the case where the port is specified but empty
4f2ae67 [security] Add credits for CVE-2022-0639
8b3f5f2 1.5.7
ef45a13 [fix] Readd the empty userinfo to `url.href` (#226)
88df234 [doc] Add soft deprecation notice
78e9f2f [security] Fix nits
e6fa434 [security] Add credits for incorrect handling of userinfo vulnerability
4c9fa23 1.5.6
7b0b8a6 Merge pull request #223 from unshiftio/fix/at-sign-handling-in-userinfo
e4a5807 1.5.5
193b44b [minor] Simplify whitespace regex
319851b [fix] Remove CR, HT, and LF
4e53a8c [doc] Document that the returned hostname might be invalid
9be7ee8 [fix] Correctly handle userinfo containing the at sign
f7774f6 [security] Fix typos in SECURITY.md

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

hypersign-protocol / hyperfyre-frontend

[Snyk] Upgrade url-parse from 1.5.1 to 1.5.10 #1934

Snyk has created this PR to upgrade url-parse from 1.5.1 to 1.5.10.