search

parse-community / parse-server-push-adapter

A push notification adapter for Parse Server
https://parseplatform.org
MIT License
85 stars 100 forks source link

[Snyk] Security upgrade parse from 2.19.0 to 3.3.0 #191

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 479/1000
Why? Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: parse The new version differs by 75 commits.
  • 2e7a406 Release v3.3.0 (#1383)
  • 720b954 fix: upgrade ws from 7.4.6 to 7.5.0 (#1382)
  • 886f17d Fix react native build (#1381)
  • 53768db fix: upgrade @ babel/runtime-corejs3 from 7.14.5 to 7.14.6 (#1379)
  • ea9179f fix: upgrade @ babel/runtime from 7.14.5 to 7.14.6 (#1380)
  • 0bd120e fix: upgrade @ babel/runtime from 7.14.0 to 7.14.5 (#1376)
  • af8b9c3 fix: upgrade @ babel/runtime-corejs3 from 7.14.0 to 7.14.5 (#1377)
  • e4e2425 fix: upgrade idb-keyval from 5.0.5 to 5.0.6 (#1374)
  • 005321f fix: package.json & package-lock.json to reduce vulnerabilities (#1370)
  • 0985f59 build(deps): bump browserslist from 4.16.4 to 4.16.6 (#1369)
  • 9349e81 fix: upgrade @ babel/runtime-corejs3 from 7.13.17 to 7.14.0 (#1366)
  • eca6399 fix: upgrade @ babel/runtime from 7.13.17 to 7.14.0 (#1367)
  • ffc523f Improve support for nested keys (#1364)
  • 86c05ad fix: upgrade @ babel/runtime-corejs3 from 7.13.16 to 7.13.17 (#1361)
  • b6a10a4 fix: upgrade @ babel/runtime from 7.13.16 to 7.13.17 (#1360)
  • c84cda7 fix: upgrade @ babel/runtime-corejs3 from 7.13.10 to 7.13.16 (#1359)
  • 7445f65 fix: upgrade @ babel/runtime from 7.13.10 to 7.13.16 (#1358)
  • f92e78f fix: upgrade ws from 7.4.4 to 7.4.5 (#1357)
  • e6f15fd [bug] Fix weapp uuid error. (#1356)
  • 66878f2 fix: upgrade idb-keyval from 5.0.4 to 5.0.5 (#1355)
  • 7512f53 fix EventEmitter undefined on React Native 0.64 (#1351)
  • d71eb33 doc improvement (#1349)
  • 16b45fd add npm lock file version check (#1345)
  • 52cd8d4 Added an error code indicating a field with an invalid value (#1342)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic