raindigi / cloudcannon-suite

:couch_and_lamp: An opinionated set of tools to build and maintain static sites
https://suite.cloudcannon.com/
0 stars 0 forks source link

[Snyk] Fix for 1 vulnerabilities #147

Open saurabharch opened 12 months ago

saurabharch commented 12 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **661/1000**
**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: del The new version differs by 38 commits.
See the full diff
Package name: puppeteer The new version differs by 250 commits.
  • a07ff12 chore: use scoped tags for publishing (#9055)
  • ee1272e chore: release main (#9052)
  • bafdb47 chore: update pin_dependencies.py (#9051)
  • d4c6ff1 chore: update pin dependencies (#9050)
  • d1b61cf chore: update generate sources (#9049)
  • 9b28a3b chore: use file dependencies at root (#9048)
  • a359873 chore: pin dependencies on pre-release (#9046)
  • 469ac02 chore: fix release-please (#9044)
  • f42336c feat: separate puppeteer and puppeteer-core (#9023)
  • 3aee641 chore(main): release 18.1.0 (#9042)
  • 022fbde feat(chromium): roll to Chromium 107.0.5296.0 (r1045629) (#9039)
  • b7b07e3 chore: add documentation to xpath prefix and deprecated page.waitForTimeout (#9014)
  • 5dbd69e chore: type in waitForRequest function description (#9015)
  • c0c7878 chore: initiate monorepo migration (#9022)
  • 2a21896 chore: rename vendor to third_party (#9021)
  • f8de7b1 chore: bundle vendor code (#9016)
  • d06a905 chore: update deps (#9013)
  • 023ebd8 chore: enable firefox tests on Mac (#9002)
  • a00d466 chore: add strategy.fail-fast=false (#9007)
  • 5a1b8d2 chore: add headful support for Firefox (#9004)
  • c21c3ba chore: remove environment variable that forces WebRender to be disabled in Firefox (#9001)
  • a6f4584 chore: clarify build instructions (#9000)
  • 3939d55 chore: enable continue on error (#9003)
  • ddc567a chore(main): release 18.0.5 (#8997)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/saurabharch/project/77cec165-3d0e-4cd9-8351-5129b621dab0?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/saurabharch/project/77cec165-3d0e-4cd9-8351-5129b621dab0?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"f04d85a3-5fda-4ed5-bf3d-bd05e8d70fdf","prPublicId":"f04d85a3-5fda-4ed5-bf3d-bd05e8d70fdf","dependencies":[{"name":"@google-cloud/language","from":"2.1.0","to":"3.0.0"},{"name":"del","from":"3.0.0","to":"6.0.0"},{"name":"puppeteer","from":"1.13.0","to":"18.2.0"}],"packageManager":"npm","projectPublicId":"77cec165-3d0e-4cd9-8351-5129b621dab0","projectUrl":"https://app.snyk.io/org/saurabharch/project/77cec165-3d0e-4cd9-8351-5129b621dab0?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-INFLIGHT-6095116"],"upgrade":["SNYK-JS-INFLIGHT-6095116"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[661],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr)