sonarcloud[bot]
commented
1 year ago Kudos, SonarCloud Quality Gate passed! 
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
0.0% Duplication
Closed snyk-bot closed 5 months ago
sonarcloud[bot]
commented
1 year ago Kudos, SonarCloud Quality Gate passed!
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
0.0% Duplication
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 3.5
SNYK-JS-DEBUG-3227433
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: karma
The new version differs by 122 commits.- a4d5bdc chore: release v3.0.0
- 75f466d chore: release v2.0.6
- 5db9399 chore: update contributors
- eb3b1b4 chore(deps): update mime -> 2.3.1 (#3107)
- 732396a fix(travis): Up the socket timeout 2->20s. (#3103)
- 173848e Remove erroneous change log entries for 2.0.3
- 1002569 chore(ci): drop node 9 from travis tests (#3100)
- 02f54c6 fix(server): Exit clean on unhandledRejections. (#3092)
- 0fdd8f9 chore(deps): update socket.io -> 2.1.1 (#3099)
- 90f5546 fix(travis): use the value not the key name. (#3097)
- fba5d36 fix(travis): validate TRAVIS_COMMIT if TRAVIS_PULL_REQUEST_SHA is not set. (#3094)
- 56fda53 fix(init): add "ChromeHeadless" to the browsers' options (#3096)
- f6d2f0e fix(config): Wait 30s for browser activity per Travis. (#3091)
- a58fa45 fix(travis): Validate TRAVIS_PULL_REQUEST_SHA rather than TRAVIS_COMMIT. (#3093)
- 88b977f fix(config): wait 20s for browser activity. (#3087)
- 94a6728 chore: remove support for node 4, update log4js (#3082)
- c5dc62d docs: better clarity for API usage
- 0018947 chore: release v2.0.5
- 02dc1f4 chore: update contributors
- dc7265b fix(browser): ensure browser state is EXECUTING when tests start (#3074)
- 7617279 refactor(filelist): rename promise -> lastCompletedRefresh and remove unused promise (#3060)
- a701732 fix(doc): Document release steps for admins (#3063)
- 93ba05a fix(middleware): Obey the Promise API.
- 518cb11 fix: remove circular reference in Browser
See the full diffPackage name: socket.io-client
The new version differs by 44 commits.- 3eb047f [chore] Release 2.1.0
- afb952d [docs] Add a note about reconnecting after a server-side disconnection
- 74893d5 [feat] Add a 'binary' flag (#1194)
- 9701611 [chore] Bump engine.io-client to version 3.2.0 (#1192)
- 3d8f24e [test] Update travis configuration
- e27f38b [chore] Restore unminified distribution files (#1191)
- bb743c4 [docs] Document connected and disconnected socket properties (#1155)
- f31837f [chore] Bump debug to version 3.1.0
- ebb0596 [chore] Release 2.0.4
- 57cee21 [test] Remove IE6 and IE7 tests (#1164)
- c58ecfc [docs] Add code examples for registered events (#1139)
- e9ebe36 [docs] Add an example with ES6 import in the README (#1138)
- 19f2b19 [chore] Release 2.0.3
- 83fedf5 [docs] Add explicit documentation for websocket transport (#1128)
- c0da119 [docs] Update documentation (#1124)
- c3c0270 [chore] Release 2.0.2
- d864486 [chore] Bump debug to version 2.6.8 (#1123)
- 214a57f [test] Launch browser tests on localhost by default (#1122)
- 8091591 [fix] Do not update the opts.query reference (#1121)
- 4f71bd2 [chore] Release 2.0.1
- d30914d [chore] Release 2.0.0
- 9e7b543 [chore] Bump engine.io to version 3.1.0 (#1109)
- 442587e [chore] Bump dev dependencies (#1108)
- ff4cb3e [feat] Move binary detection to the parser (#1103)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)