postmanlabs / swagger2-postman2

Module and library to convert Swagger 2.0 to a Postman Collection (v2.0)
Apache License 2.0
82 stars 42 forks source link

[Snyk] Security upgrade openapi-to-postmanv2 from 3.1.0 to 3.2.0 #100

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Prototype Pollution
SNYK-JS-ASYNC-2441827
No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: openapi-to-postmanv2 The new version differs by 25 commits.
  • 6049afd Released v3.2.0
  • a51fb4b Merge pull request #512 from postmanlabs/feature/fix-ansi-regex-vuln
  • 93c2edd #511 Fixed vulnerability high and critical severity vulnerability
  • ad632b1 #511 Fixed vulnerability high and critical severity vulnerability
  • ade090c Merge pull request #507 from postmanlabs/feature/fix-travis-issue
  • 4c86094 Fixed tests for travis.yaml to not include some of node versions
  • 0f972c8 Updated travis pipeline to use xenial dist
  • 75d8884 Merge pull request #502 from postmanlabs/fix10752/deepObjectLengthProp
  • a34abfd Change deepObject generation
  • 74d065b Merge branch 'develop' of github.com:postmanlabs/openapi-to-postman into develop
  • df174eb Merge pull request #481 from postmanlabs/fix479/valueTypes
  • adde11a add format scenarios
  • 60bbc2b Merge branch 'develop' of github.com:postmanlabs/openapi-to-postman into develop
  • 1d5b475 Update deref.test.js
  • aec94b7 Add testing scenarios and simplify into one file
  • a22700b Add support for int64 format
  • 3442d82 test for <long>
  • 3187439 Merge pull request #492 from postmanlabs/fix485/transactionPathTests2
  • 8cdefb0 Merge pull request #494 from postmanlabs/release/3.1.0
  • af7e365 Merge branch 'release/3.1.0' into develop
  • b0f57b7 Test for checking deeper properties
  • 8927e4b Add test for transaction path in validation
  • d82aee0 Fix merging errors
  • 2582587 Merge branch 'develop' into fix479/valueTypes
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution