nodeshift / opossum

Node.js circuit breaker - fails fast ⚡️
https://nodeshift.dev/opossum/
Apache License 2.0
1.33k stars 107 forks source link

[Snyk] Upgrade: @babel/core, @babel/preset-env #855

Closed lholmquist closed 3 months ago

lholmquist commented 7 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name | Versions | Released on :-------------|:-------------|:------------- **@babel/core**
from 7.22.9 to 7.24.4 | **18 versions** ahead of your current version | **a month ago**
on 2024-04-03 **@babel/preset-env**
from 7.22.9 to 7.24.4 | **15 versions** ahead of your current version | **a month ago**
on 2024-04-03 The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Incomplete List of Disallowed Inputs
[SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **572/1000**
**Why?** Proof of Concept exploit, CVSS 9.3 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @babel/core
  • 7.24.4 - 2024-04-03

    v7.24.4 (2024-04-03)

    Thanks @ Dunqing, @ luiscubal, and @ samualtnorman for your first PRs!

    👓 Spec Compliance

    • babel-parser
    • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

    🐛 Bug Fix

    • babel-generator
    • babel-compat-data, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-preset-env
    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • babel-plugin-transform-block-scoping
    • babel-core, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping

    Committers: 7

  • 7.24.3 - 2024-03-20

    v7.24.3 (2024-03-20)

    Thanks @ ota-meshi for your first PR!

    🐛 Bug Fix

    • babel-helper-module-imports
      • #16370 fix: do not inject the same imported identifier multiple times (@ ota-meshi)

    Committers: 2

  • 7.24.1 - 2024-03-19

    v7.24.1 (2024-03-19)

    🐛 Bug Fix

    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties
    • babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

    📝 Documentation

    🏠 Internal

    • babel-code-frame, babel-highlight
    • babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow
    • babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx
    • Other

    🔬 Output optimization

    • babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime
    • babel-plugin-transform-class-properties, babel-plugin-transform-classes
    • babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse
    • babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

    Committers: 4

  • 7.24.0 - 2024-02-28
    Read more
  • 7.23.9 - 2024-01-25

    v7.23.9 (2024-01-25)

    🐛 Bug Fix

    • babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
    • babel-traverse
    • Other

    🏠 Internal

    🏃‍♀️ Performance

    🔬 Output optimization

    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
    • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

    Committers: 4

  • 7.23.7 - 2023-12-29
  • 7.23.6 - 2023-12-11
  • 7.23.5 - 2023-11-29
  • 7.23.3 - 2023-11-09
  • 7.23.2 - 2023-10-12
  • 7.23.0 - 2023-09-25
  • 7.22.20 - 2023-09-16
  • 7.22.19 - 2023-09-14
  • 7.22.18 - 2023-09-14
  • 7.22.17 - 2023-09-08
  • 7.22.15 - 2023-09-04
  • 7.22.11 - 2023-08-24
  • 7.22.10 - 2023-08-07
  • 7.22.9 - 2023-07-12
from @babel/core GitHub release notes
Package name: @babel/preset-env from @babel/preset-env GitHub release notes

**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23/settings/integration?pkg=@babel/core&pkg=@babel/preset-env&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
coveralls commented 7 months ago

Pull Request Test Coverage Report for Build 8904749370

Details


Totals Coverage Status
Change from base Build 8894784791: 0.0%
Covered Lines: 374
Relevant Lines: 375

💛 - Coveralls
github-actions[bot] commented 6 months ago

This pull request is stale because it has been open 30 days with no activity.