raindigi / cloudcannon-suite

:couch_and_lamp: An opinionated set of tools to build and maintain static sites
https://suite.cloudcannon.com/
0 stars 0 forks source link

[Snyk] Fix for 1 vulnerabilities #144

Open saurabharch opened 1 year ago

saurabharch commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **658/1000**
**Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: googleapis The new version differs by 23 commits.
  • 3b2e51a chore: release 40.0.0 (#1710)
  • 6817c39 feat!: run the generator (#1709)
  • 8256d69 build: nyc configuration with --all
  • 3e17bd8 fix: Incorrect case README (#1706)
  • 3a4ff77 refactor: drop pify dependency (#1704)
  • 70b1243 chore: upgrade gts to new version (#1703)
  • e6e632a build: switches to piping coverage to codecov from Node 10 (#1694)
  • e82a8bf build: allow Node 10 on presubmit to push to codecov (#1698)
  • ecaa83a build: allow Node 10 to push to codecov (#1697)
  • 92ea32b chore(deps): update dependency ts-loader to v6 (#1700)
  • a8ede31 build: patch Windows container, fixing Node 10 (#1696)
  • 572b41b chore(deps): update dependency p-queue to v5 (#1672)
  • b4dac67 chore: do not run CI on grpc-js (#1692)
  • 87a0335 chore(deps): update dependency eslint-plugin-node to v9 (#1693)
  • 8428d5c build!: upgrade engines field to >=8.10.0 (#1691)
  • b5b9a28 chore: removing node6 CI (#1690)
  • dae8532 update to .nycrc with --all enabled (#1687)
  • 54c8c4f chore(deps): update dependency @ types/nock to v10 (#1685)
  • 3db63d6 fix(samples): fix readline args in youtube upload (#1676)
  • 44ec114 chore(deps): update dependency null-loader to v1 (#1678)
  • 6d5a9c8 feat: run the generator (#1680)
  • 1f7c41a docs: document export as alternative to get (#1677)
  • b50d060 chore(deps): update dependency nyc to v14 (#1673)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/saurabharch/project/77cec165-3d0e-4cd9-8351-5129b621dab0?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/saurabharch/project/77cec165-3d0e-4cd9-8351-5129b621dab0?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"a7d6d027-817a-4780-bff7-154f21bffe00","prPublicId":"a7d6d027-817a-4780-bff7-154f21bffe00","dependencies":[{"name":"@google-cloud/language","from":"2.1.0","to":"4.0.0"},{"name":"googleapis","from":"39.2.0","to":"40.0.0"}],"packageManager":"npm","projectPublicId":"77cec165-3d0e-4cd9-8351-5129b621dab0","projectUrl":"https://app.snyk.io/org/saurabharch/project/77cec165-3d0e-4cd9-8351-5129b621dab0?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-SEMVER-3247795"],"upgrade":["SNYK-JS-SEMVER-3247795"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[658],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)