oaeproject / Biscuit-ux

Band new advanced modern shiny and experimental frontend for OAE
1 stars 3 forks source link

[Snyk] Security upgrade mocha from 5.2.0 to 7.1.1 #39

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-MINIMIST-559764
Yes Proof of Concept
Commit messages
Package name: mocha The new version differs by 250 commits.
  • 7c09e63 Release v7.1.1
  • 7599535 update CHANGELOG for v7.1.1 [ci skip]
  • 3bf650c security: update mkdirp, yargs, yargs-parser (#4204)
  • e1389ef Fix: runner listening to 'start' and 'end' events (#3660)
  • 9cbb6f6 upgrade assetgraph-builder
  • 4dc3cd1 docs: show netlify badge on footer (#4190)
  • 09b948b Release v7.1.0
  • d43092e update CHANGELOG for v7.1.0 [ci skip]
  • 57be455 Add support for Node.JS native ES modules (#4038)
  • a995e33 Fix: programmatic API cannot access retried test objects (#4181)
  • ac12f2c Browser: fix 'allowUncaught' handling (#4174)
  • 2ff1cb2 uncaughtException: refactor, move and add tests
  • b431609 docs: update browser options
  • 883ae4b ESLint: use 'const' instead of 'let'
  • 2a1b637 Upgrade: ESLint v6.8 (#4138)
  • dbba276 Manage author list in AUTHORS instead of package.json (#4058)
  • d0f04e9 Release v7.0.1
  • 2277958 update CHANGELOG for v7.0.1 [ci skip]
  • 0be3f78 Fix exception when skipping tests programmatically (#4165)
  • c0f1d14 uncaughtException: fix recovery when current test is still running (#4150)
  • 9c10ada Fix backwards compability break for reporterOptions
  • a24683f Throw a descriptive error when a non-function is given to a runnable (#4133)
  • 579fd09 update copyright & trademark notices per OJSF; closes #4145
  • 0e1ccbb Fix leaking global 'uncaughtException' handler (#4147)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic