mulesoft-labs / osprey-method-handler

Middleware for validating requests and responses based on a RAML method object
Other
16 stars 16 forks source link

[Snyk] Security upgrade debug from 4.1.1 to 4.3.1 #70

Open svc-ast-gh-snyk5 opened 11 months ago

svc-ast-gh-snyk5 commented 11 months ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 506/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7
Regular Expression Denial of Service (ReDoS)
npm:debug:20170905
No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: debug The new version differs by 34 commits.
  • 0d3d66b 4.3.1
  • b6d12fd fix regression
  • 3f56313 4.3.0
  • e2d3bc9 add deprecation notice for debug.destroy()
  • 72e7f86 fix memory leak within debug instance
  • 27152ca add test for enable/disable of existing instances
  • 22e13fe fix quoted percent sign
  • 80ef62a 4.2.0
  • 09914af Marks supports-color as an *optional* peer dependency
  • db306db Update and pin ms to 2.1.2
  • 6b07f9e Fixes: Unable to take control over selectColor #747
  • 0c1d518 remove dead code and fix lowercase comment (for linter)
  • 4acdeed run linter inside of test script
  • 3f4d724 Add "engines" to `package.json` (#680)
  • 608fca9 Update ISSUE_TEMPLATE.md
  • 5c7c61d fix links in issue templates
  • 976f8d2 add issue and pull request templates
  • 982c12c test: only run coveralls on travis
  • 825d35a copy custom logger to namespace extension (fixes #646)
  • 5528572 use console.debug() in browser when available (closes #600)
  • c0127b1 remove examples folder (closes #650)
  • 94583b6 remove build system (closes #652)
  • 0e94034 update development dependencies
  • ad551e2 add Josh Junon to contributors
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)