search

node-gh / gh

(DEPRECATED) GitHub CLI made with NodeJS. Use the official https://cli.github.com/ instead.
http://nodegh.io
Other
1.71k stars 217 forks source link

[Snyk] Security upgrade nock from 10.0.5 to 11.9.0 #766

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-MINIMIST-559764		 Yes Proof of Concept
Commit messages
Package name: nock The new version differs by 250 commits.
  • a275769 test: Update got to the latest version and fill in missing coverage (#1825)
  • 566461b feat: allow passing a function to `enableNetConnect()` (#1889)
  • 11c0542 Require Node 10+ (#1895)
  • e04d61d Update mkdirp to the latest version šŸš€ (#1857)
  • 9379f09 Do not return the `nock` global from `cleanAll()` (#1872)
  • 6c504c3 Drop support for String constructor (#1873)
  • 1fae725 refactor(test): use Mocha DSL for allow unmocked (#1894)
  • d0694a7 ci: move semantic-release to GitHub Action
  • 524dd29 test: fix assertRejects usage (#1890)
  • 5d3b270 refactor(test): Chai assert allow unmocked (#1891)
  • 5eaa5f5 Bump lolex and sinon (#1887)
  • 9fdeeca fix: allowMocked when using a callback for the path (#1877)
  • a56a209 fix: only activate once, when on (#1824)
  • 8b8a10d Greenkeeper/semantic release 17.0.2 (#1878)
  • e22233b fix(types): Scope accepts legacy Url not WHATWG (#1879)
  • 061e922 feat(socketDelay): support options.timeout (#1848)
  • c209c6b refactor: Use Mocha DSL in test_nock_lifecycle (#1809)
  • eac299b Remove a spurious `{ retry: 0 }` (#1876)
  • e863c84 ci: move format, lint and test jobs to GitHub Actions (#1814)
  • 22e2fca fix: Correct behavior when other libraries override http.get and http.request (#1868)
  • 921eacf docs: Revise and accept RFC-001 (#1753)
  • e1461a2 Update mocha to the latest version šŸš€ (#1858)
  • c7363e5 fix: Fix a regression due to Jest having different globals (#1850)
  • fad405a Update dtslint to the latest version šŸš€ (#1813)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

šŸ§ View latest project report

šŸ›  Adjust project settings

šŸ“š Read more about Snyk's upgrade and patch logic

protoEvangelion commented 4 years ago

:tada: This PR is included in version 2.8.8 :tada:

The release is available on:

Your semantic-release bot :package::rocket: