vercel[bot]
commented
1 year ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| rollout | ❌ Failed (Inspect) | Jun 28, 2023 10:51pm |
Closed saurabharch closed 1 year ago
vercel[bot]
commented
1 year ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| rollout | ❌ Failed (Inspect) | Jun 28, 2023 10:51pm |
github-actions[bot]
commented
1 year ago Stale pull request message
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json - Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. [Find out more](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities). #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **686/1000****Why?** Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution
[SNYK-JS-FASTJSONPATCH-595663](https://snyk.io/vuln/SNYK-JS-FASTJSONPATCH-595663) | Yes | Proof of Concept  | **484/1000**
**Why?** Has a fix available, CVSS 5.4 | Open Redirect
[SNYK-JS-GOT-2932019](https://snyk.io/vuln/SNYK-JS-GOT-2932019) | Yes | No Known Exploit  | **454/1000**
**Why?** Has a fix available, CVSS 4.8 | Session Fixation
[SNYK-JS-PASSPORT-2840631](https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631) | Yes | No Known Exploit  | **731/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.2 | Prototype Pollution
[SNYK-JS-PROTOBUFJS-2441248](https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-2441248) | Yes | Proof of Concept  | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Prototype Pollution
[SNYK-JS-XML2JS-5414874](https://snyk.io/vuln/SNYK-JS-XML2JS-5414874) | No | Proof of Concept  | **579/1000**
**Why?** Has a fix available, CVSS 7.3 | Prototype Pollution
[npm:extend:20180424](https://snyk.io/vuln/npm:extend:20180424) | Yes | No Known Exploit  | **741/1000**
**Why?** Mature exploit, Has a fix available, CVSS 7.1 | Regular Expression Denial of Service (ReDoS)
[npm:protobufjs:20180305](https://snyk.io/vuln/npm:protobufjs:20180305) | Yes | Mature (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: is-online
The new version differs by 2 commits.- bc6def0 10.0.0
- b0e3bd2 Require Node.js 14 and move to ESM
See the full diffPackage name: minio
The new version differs by 13 commits.- 36a8741 bump release tag to 7.1.0
- 832ac71 Fixed issue with closing files in fPutObject() function (#1112)
- 75ed013 Fixed error handling in putObject (#1132)
- 14474b5 feat: specify custom transport agent parameter (#1104)
- a2d2c0b fixbatch deletion in removeObjects (#1131)
- 82b0659 Fix string interpolation of presignedPutObject (#1125)
- 1941a39 Add AWS Sweden ( eu-north-1 ) region (#1126)
- 8699e84 Bump xml2js from 0.4.23 to 0.5.0 (#1124)
- 58a4fb4 Bump json5 from 2.2.1 to 2.2.3 (#1116)
- 17f6b32 Bump decode-uri-component from 0.2.0 to 0.2.2 (#1117)
- 5877baa Bump cookiejar from 2.1.3 to 2.1.4 (#1115)
- abf3f4b docs: `makeBucket` `region` argument is optional (#1103)
- ac243bb Update version to next release
See the full diffPackage name: passport
The new version differs by 100 commits.- c33067b 0.6.0
- 3052bb4 Update changelog.
- 42630cb Merge pull request #900 from jaredhanson/fix-fixation
- 8dd79fe Use utils-merge rather than Object.assign for compatibility.
- 4f6bd5b Change keepSessionData to keepSessionData.
- 46756e5 Silence verbose logging.
- 987b191 Add tests.
- f8a175f Add tests.
- 29a90d6 No need to guard callback existence.
- bfba8a1 Add tests.
- 17111d7 Add option to keep session data on logout.
- a349c2b Add option to keep session data.
- e69834e Add optional options to login and logout.
- 8825a9a Add tests.
- c1991cf Add tests.
- 294f22c Better session detection and exceptions.
- 80cc4e3 Add tests.
- 3001654 Add tests.
- b395106 Clean up tests.
- cfa8259 Add tests.
- ee0bf81 Add tests.
- cc7606c Add tests.
- 71c54f6 Add test.
- 88c1f1b Handle logout without session manager.
See the full diffPackage name: pkgcloud
The new version differs by 6 commits.- a16c415 [dist] Version bump. 2.0.0
- 9ac833c Update dependencies (#651)
- e89f046 [BREAKING] Drop all legacy providers. (#652)
- 44e08a0 Documentation fixes
- ce4382f Issue 526 Fixed
- 916fa68 Correct page title markdown formatting (#646)
See the full diff**Why?** Proof of Concept exploit, Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS)
[npm:debug:20170905](https://snyk.io/vuln/npm:debug:20170905) | Proof of Concept  | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[npm:minimatch:20160620](https://snyk.io/vuln/npm:minimatch:20160620) | No Known Exploit  | **399/1000**
**Why?** Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS)
[npm:ms:20170412](https://snyk.io/vuln/npm:ms:20170412) | No Known Exploit (*) Note that the real score may have changed since the PR was raised. Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: