Mocha side bar viewer that allows you to run Mocha tests from side bar menu and view results can run each level hierarchy from all tests to a single test(and each describer of course)
MIT License
190
stars
61
forks
source link
[Snyk] Security upgrade nyc from 14.0.0 to 15.0.0 #314
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- test/workspace/package.json
- test/workspace/package-lock.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **658/1000** **Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | Yes | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: nyc
The new version differs by 79 commits.
fd40d49 feat: Use @ istanbuljs/schema for yargs setup (#1194)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
π§ [View latest project report](https://app.snyk.io/org/maty21-github-marketplace/project/328335c4-529c-4c03-b8c6-1c15c3caf3af?utm_source=github&utm_medium=referral&page=fix-pr)
π [Adjust project settings](https://app.snyk.io/org/maty21-github-marketplace/project/328335c4-529c-4c03-b8c6-1c15c3caf3af?utm_source=github&utm_medium=referral&page=fix-pr/settings)
π [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"8b40ee55-9698-4260-96fa-a638cfb96f7e","prPublicId":"8b40ee55-9698-4260-96fa-a638cfb96f7e","dependencies":[{"name":"nyc","from":"14.0.0","to":"15.0.0"}],"packageManager":"npm","projectPublicId":"328335c4-529c-4c03-b8c6-1c15c3caf3af","projectUrl":"https://app.snyk.io/org/maty21-github-marketplace/project/328335c4-529c-4c03-b8c6-1c15c3caf3af?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-SEMVER-3247795"],"upgrade":["SNYK-JS-SEMVER-3247795"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[658],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
π¦ [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)
- - -
This change isβ[](https://reviewable.io/reviews/maty21/mocha-sidebar/314)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - test/workspace/package.json - test/workspace/package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **658/1000****Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: nyc
The new version differs by 79 commits.- bebf4d6 chore(release): 15.0.0
- 2931730 chore: Update to final releases of dependencies (#1245)
- d44ff19 chore: Update node-preload and use process-on-spawn (#1243)
- 5258e9f feat: Filenames relative to project cwd in coverage reports (#1212)
- 6039f29 chore: Unpin test-exclude, update to latest pre-releases (#1240)
- f3c9e6c chore: Temporarily pin test-exclude (#1239)
- 28ed746 chore: Lazy load modules that are rarely/never needed in test processes. (#1232)
- 7307626 chore: Remove cp-file module (#1230)
- dfd629d fix: Better error handling for main execution, reporting (#1229)
- 549c953 chore: Update dependencies, pin find-cache-dir (#1228)
- a1dee03 chore: Update yargs (#1224)
- 8078a79 chore: Fix 404 in README.md. (#1220)
- 7a02cb7 chore: Add enterprise language (#1217)
- ea94c7f chore: Remove unused functions (#1218)
- 53c66b9 docs: `npm home nyc` goes to github master branch README (#1201)
- cf5e5d3 chore: Update dependencies
- 8411a26 fix: Correct handling of source-maps for pre-instrumented files (#1216)
- f890360 docs: Fix URL to default excludes in README.md (#1214)
- 3726bbb chore: Update to async version of istanbul-lib-source-maps (#1199)
- 0efc6d1 chore: Tweak arguments for async coverage data readers (#1198)
- cc77e13 chore: Add `use strict` to all except fixtures (#1197)
- bcbe1df chore: Update dependencies (#1196)
- 2735ee2 chore: 100% coverage (#1195)
- fd40d49 feat: Use @ istanbuljs/schema for yargs setup (#1194)
See the full diff