search

postmanlabs / swagger2-to-postman

Converter for swagger 2.0 JSON to Postman Collection
Apache License 2.0
120 stars 55 forks source link

[Snyk] Security upgrade mocha from 2.5.3 to 3.0.0 #57

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 375/1000
Why? CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-1019388		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: mocha The new version differs by 107 commits.
  • e8cda73 Release v3.0.0
  • 4944e31 rebuild mocha.js
  • 16762d1 fix bad merge of karma.conf.js
  • 2f9a409 add note about spec reporter to CHANGELOG.md [ci skip]
  • 7c0284b fixed typo in mocha.css introduced by 185c0d902e272216232630fe4e2577268456dd9a [ci skip]
  • 8741506 Remove carriage return before each test line in spec reporter. Served no purpose
  • 309b8f2 add "logo" field to package.json [ci skip]
  • 740a511 fix incorrect executable name with new version of commander
  • 0e2e49b add bower.json to published package for npmcdn support [ci skip]
  • d367bc7 fix broken/wrong URLs in CHANGELOG.md [ci skip]
  • 6184529 Release v3.0.0-2
  • 4b4009b rebuild mocha.js
  • 15c344c add browser-stdout to dependencies
  • e3ab4ec update CHANGELOG [ci skip]
  • 0cd9dc9 let child suites run if parent is exclusive; closes #2378 (#2387)
  • f0b184e Upgrade eslint package to 2.13 version (#2389)
  • cab1e43 markdown fixes for CHANGELOG.md [ci skip]
  • d0d5e50 fix bad reference to to-iso-string in test
  • 517020b suppress warning about .eslintignore when running ESLint
  • 08a6ccf copy to-iso-string; closes #2378
  • 74940ef added changes to CHANGELOG.md [ci skip]
  • bf216d5 tweak wording on "overspecification" exception
  • 3a3a699 wip CHANGELOG update
  • 5c34451 display executed commands in Makefile for debugging
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic