lolo32 / fastify-sse

Provide Server-Sent Events to Fastify

[Snyk] Security upgrade fastify from 0.26.2 to 2.0.0 #23

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| medium severity | 688/1000 (Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.9) | Web Cache Poisoning, SNYK-JS-FINDMYWAY-1038269 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: fastify

The new version differs by 250 commits.
  • dbcf234 Bumped v2.0.0
  • 07504c6 Add self to package.json (#1474)
  • 8202890 Docs/Add standard json schema examples (#1355)
  • a27850d Fix/add schema to validator (#1446)
  • 4c03dda Add onboarding section to CONTRIBUTING document (#1469)
  • 37dde53 test: cover issue #1456 (#1470)
  • a00972b Less flakyness maybe (#1468)
  • 7391bee Add email for cemremengu (#1467)
  • dd9259b maybe fixed flaky test (#1466)
  • dc9ca9c fixed flaky http2 closing test (#1464)
  • fa2b5d8 Fix HTTP/2 request while closing (#1461)
  • 2ddae34 Exclude tap-mocha-reporter from greenkeeper (#1460)
  • 1313bea Added link to fastify-google-cloud-storage plugin in doc/Ecosystem (#1443)
  • 4e36633 update types/node to latest (#1451)
  • 8a736fc Update ignore files (#1452)
  • 5647291 Updated find-my-way to v2 (#1453)
  • 356cf6f Add `query` option (#1442)
  • 23c40a3 docs: enhance typescript plugin docs (#1432)
  • 972f2e7 Feature/addSchema to serialization (#1437)
  • 8d320f0 explicit set latest release for most dependencies (#1440)
  • abef126 Add more tests to hit 100 (#1438)
  • c9f6ba9 update fast-json-stringify and add test for $ref in response serialization (#1433)
  • 946d9f8 Bumped v2.0.0-rc.6
  • 2835df2 Add test for content-type overriding inside a plugin (#1434) (#1435)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


coveralls commented 4 years ago

Coverage remained the same at 100.0% when pulling 4497d54c454ba68588618d73b2630c71e6d86e7d on snyk-fix-d3172effceacef04cff8b12c7ca65fbb into 42734ba0acdb6d1cc484164a23f33eb87e01fd67 on master.
