Closed fortiZde closed 2 years ago
Merging #38 (5c9ebb0) into master (56923fe) will not change coverage. The diff coverage is
100.00%
.
@@ Coverage Diff @@
## master #38 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 2 2
Lines 34 35 +1
=========================================
+ Hits 34 35 +1
Impacted Files | Coverage Δ | |
---|---|---|
src/merge.js | 100.00% <100.00%> (ø) |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 56923fe...5c9ebb0. Read the comment docs.
Thanks for updating :)
#33 CVE-2022-25645
Firstly added tests with snyk provided code example and fixed the missing prototype pollution checks.
References:
Source: CERT Name: https://github.com/lukeed/dset/blob/master/src/merge.js%23L9 Url: https://github.com/lukeed/dset/blob/master/src/merge.js%23L9
Source: CERT Name: https://snyk.io/vuln/SNYK-JS-DSET-2330881 Url: https://snyk.io/vuln/SNYK-JS-DSET-2330881
Source: CERT Name: https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2431974 Url: https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2431974