Open noqcks opened 2 months ago
New and removed dependencies detected. Learn more about Socket for GitHub โ๏ธ
Package | New capabilities | Transitives | Size | Publisher |
---|
๐ฎ Removed packages: npm/probot@12.3.1, npm/serverless@3.33.0, npm/smee-client@1.2.3, npm/standard@17.0.0
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 88.67%. Comparing base (
162fe2f
) to head (73e9b93
).
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade serverless from 3.33.0 to 3.39.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **69 versions** ahead of your current version. - The recommended version was released on **a month ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Cross-site Request Forgery (CSRF)
[SNYK-JS-AXIOS-6032459](https://snyk.io/vuln/SNYK-JS-AXIOS-6032459) | **462** | Proof of Concept ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Denial of Service (DoS)
[SNYK-JS-WS-7266574](https://snyk.io/vuln/SNYK-JS-WS-7266574) | **462** | Proof of Concept ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ES5EXT-6095076](https://snyk.io/vuln/SNYK-JS-ES5EXT-6095076) | **462** | Proof of Concept ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Improper Input Validation
[SNYK-JS-FOLLOWREDIRECTS-6141137](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137) | **462** | Proof of Concept ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-AXIOS-6124857](https://snyk.io/vuln/SNYK-JS-AXIOS-6124857) | **462** | Proof of Concept ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Information Exposure
[SNYK-JS-FOLLOWREDIRECTS-6444610](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610) | **462** | Proof of Concept --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - This PR was automatically created by Snyk using the credentials of a real user. > - Max score is 1000. Note that the real score may have changed since the PR was raised. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._ **For more information:** > - ๐ง [View latest project report](https://app.snyk.io/org/benji-or7/project/160be9c9-3a12-4b96-8b92-7d2a121c9c1a?utm_source=github&utm_medium=referral&page=upgrade-pr) > - ๐ [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates) > - ๐ [Adjust upgrade PR settings](https://app.snyk.io/org/benji-or7/project/160be9c9-3a12-4b96-8b92-7d2a121c9c1a/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) > - ๐ [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/benji-or7/project/160be9c9-3a12-4b96-8b92-7d2a121c9c1a/settings/integration?pkg=serverless&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)