search

newrelic / nr1-account-maturity

NR1 Account Maturity is a quick view to understand if you're using key features of your New Relic account across multiple accounts and multiple applications.
Apache License 2.0
4 stars 12 forks source link

[Snyk] Upgrade snyk from 1.369.2 to 1.378.0 #22

Closed snyk-bot closed 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to upgrade snyk from 1.369.2 to 1.378.0.

merge advice

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Remote Memory Exposure
SNYK-JS-BL-608877		 456/1000
Why? Recently disclosed, CVSS 7.7		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: snyk
  • 1.378.0 - 2020-08-18

    1.378.0 (2020-08-18)

    Features

    • Bumping snyk-docker-plugin to 3.17.0 (4a1e32f)
  • 1.377.2 - 2020-08-18

    1.377.2 (2020-08-18)

    Bug Fixes

    • move custom API endpoint warning message to stderr (77c66ed)
  • 1.377.1 - 2020-08-17

    1.377.1 (2020-08-17)

    Bug Fixes

    • build: use node 14 for alpine executable (9d1b740)
  • 1.377.0 - 2020-08-17

    1.377.0 (2020-08-17)

    Features

    • bump cocoapods plugin to update graph & cli interface deps (4c3a141)
  • 1.376.0 - 2020-08-17

    1.376.0 (2020-08-17)

    Features

    • Allow environment variables to override config values (16fc432)
  • 1.375.0 - 2020-08-17

    1.375.0 (2020-08-17)

    Features

    • detect build.gradle.kts projects automatically behind --all-projects flag and scan all root level files with implied --all-sub-projects (57d8d02)
    • if both gradle files detected in the same folder, prefer build.gradle if build.gradle.kts also found (6e806fb)
  • 1.374.0 - 2020-08-14

    1.374.0 (2020-08-14)

    Features

    • show original severity if overridden by a policy (30a8cd7)
  • 1.373.1 - 2020-08-12

    1.373.1 (2020-08-12)

    Bug Fixes

    • test: json output with all-projects flag (8258ef0)
  • 1.373.0 - 2020-08-11

    1.373.0 (2020-08-11)

    Features

    • improve iac test json output (140625c)
  • 1.372.0 - 2020-08-10

    1.372.0 (2020-08-10)

    Features

    • scan gradle projects behind --all-projects (a2bfc89)
      Default behaviour for gradle projects detected with --all-projects is the same as doing snyk test --all-sub-projects in the root of the gradle project.
  • 1.371.1 - 2020-08-10
  • 1.371.0 - 2020-08-10
  • 1.370.1 - 2020-08-08
  • 1.370.0 - 2020-08-07
  • 1.369.3 - 2020-08-04
  • 1.369.2 - 2020-07-30
from snyk GitHub release notes
Commit messages
Package name: snyk
  • b444f70 Merge pull request #1346 from snyk/feat/bump-sdp-3.17.0
  • 4a1e32f feat: Bumping snyk-docker-plugin to 3.17.0
  • e182d1f Merge pull request #1343 from snyk/feat/bump-sdp-3.17.0
  • 9e97c07 Bumping snyk-docker-plugin to 3.17.0
  • 027d194 Merge pull request #1331 from snykerjames/fix/custom-api-endpoint-warning-output
  • 07c3a69 Merge pull request #1342 from snyk/chore/fix-binary-naming
  • 3c9687f chore(build): don’t rely on dynamic names from pkg
  • d32c8ab Merge pull request #1337 from snyk/feat/smoke-test
  • 132afe2 test: run alpine test in docker
  • 9d1b740 fix(build): use node 14 for alpine executable
  • a5c9ec4 Merge pull request #1338 from snyk/feat/bump-plugin-update-deps
  • 90acae1 Merge pull request #1332 from snyk/feat/config-env-value-override
  • 4c3a141 feat: bump cocoapods plugin to update graph & cli interface deps
  • fcc157d Merge pull request #1328 from snyk/feat/enable-kotlin-gradle-all-projects
  • 16fc432 feat: Allow environment variables to override config values
  • 2e8c8cd Merge pull request #1307 from snyk/feat/show-original-severity-cli
  • 30a8cd7 feat: show original severity if overridden by a policy
  • 17552b6 Merge pull request #1333 from snyk/chore/node-12
  • 957c64e chore(build): downgrade binary to Node v12
  • fa3e1d9 chore: remove npmignore
  • c49d942 Merge pull request #1327 from snyk/feat/smoke-test
  • 41e8de2 chore(test): add regression test for valid JSON bodies
  • 7dfc027 test: kotlin monorepo --all-projects
  • 6e806fb feat: prefer build.gradle if kotlin also found
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

nr-opensource-bot commented 3 years ago

:tada: This PR is included in version 0.6.1 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: