mike7515 / code-beautifier

MIT License
19 stars 5 forks source link

[Snyk] Security upgrade js-beautify from 1.10.1 to 1.14.1 #52

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 479/1000
Why? Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-JSBEAUTIFY-2311652
No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: js-beautify The new version differs by 250 commits.
  • 13b9a54 Release: 1.14.1
  • ca785aa Merge remote-tracking branch 'origin/staging/main' into staging/release
  • 49fa82c Bump version numbers for 1.14.1
  • ef32da4 Update Changelog
  • cb20409 Merge pull request #1993 from mhnaeem/feature/add-cmd-enter-for-mac
  • 2df9f3e Fixing styling issues caught by CI
  • 1f425d6 Merge remote-tracking branch 'origin/main' into feature/add-cmd-enter-for-mac
  • 83f1bec Merge pull request #1996 from mhnaeem/bug/specify-black-package-version
  • cf8617a bug: fix psf/black package version
  • ab205a4 feature: allow mac users to use command+enter for submit button
  • 6a919cc Merge pull request #1973 from kevinbackhouse/GHSL-2021-113-fix-ReDoS-second-attempt
  • 19c5862 GHSL-2021-113: Fix ReDoS bug (second attempt).
  • 37098ba Merge pull request #1970 from beautify-web/revert-1968-GHSL-2021-113-fix-ReDoS
  • 229b237 Revert "GHSL-2021-113: fix ReDoS bug"
  • 4b3fb85 Merge pull request #1968 from kevinbackhouse/GHSL-2021-113-fix-ReDoS
  • 2024564 Merge branch 'main' into GHSL-2021-113-fix-ReDoS
  • 034172d GHSL-2021-113: fix ReDoS bug
  • f182350 Merge pull request #1967 from bitwiseman/task/normalize
  • baee71c Fix diff
  • ca29889 Update dependencies
  • e5f6c48 Add line end normalization
  • 157a3e0 Merge pull request #1966 from beautify-web/bitwiseman-patch-1
  • d7774d9 Update main.yml
  • 06aa63f Update main.yml
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🩉 Regular Expression Denial of Service (ReDoS)