omermorad / mockingbird

šŸ¦ Decorator Powered TypeScript Library for Creating Mocks
MIT License
87 stars 5 forks source link

[Snyk] Security upgrade jest-junit from 12.2.0 to 13.0.0 #109

Closed snyk-bot closed 2 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: jest-junit The new version differs by 19 commits.
  • 76bba08 Merge pull request #189 from palmerj3/v13
  • 6a84a3e Merge pull request #160 from sginter/noStackTrace
  • 017af76 Merge pull request #154 from arabull/rootDir
  • ba1a2ac v13.0.0
  • 1b5af37 Merge branch 'rootDir' of https://github.com/arabull/jest-junit into rootDir
  • c5ca7c8 Replace <rootDir> prior to path.join().
  • 46bc2c9 Merge pull request #188 from KeYu-dev/fixcg-ansi-regex
  • 2b6c131 Update package.json
  • 8f43cd0 Fix CG by updating strip-ansi from 5.2.0 to 6.0.1
  • 506df22 chore: use Jest 27 (#186)
  • c054549 chore: run tests on Windows (#187)
  • 475c84f chore: refresh lockfile (#184)
  • 77e5b64 chore: migrate to GH Actions (#185)
  • 46ab4a4 Merge pull request #182 from palmerj3/twelveThreeZero
  • 7568d08 v12.3.0
  • 8e5f72b Merge pull request #179 from D4N14L/fixDisplayName
  • e189f2d Fix displayName usage in templates
  • 8aab1d5 Add noStackTrace config setting to omit stack traces from the test failure reports
  • 5a96643 Replace <rootDir> prior to path.join().
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: šŸ§ View latest project report

šŸ›  Adjust project settings

šŸ“š Read more about Snyk's upgrade and patch logic