search

skycoin / skycoin-web

Webclient for Skycoin
https://wallet.skycoin.net
MIT License
16 stars 18 forks source link

[Snyk] Fix for 1 vulnerabilities #723

Open gz-c opened 9 months ago

gz-c commented 9 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **661/1000**
**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: karma-coverage-istanbul-reporter The new version differs by 61 commits.
  • 5304cd6 chore(release): 3.0.0
  • 31b1a40 chore: swap out newer istanbul loader
  • f01c19e docs: update readme with newer loader
  • 9cd809e build: fix linting
  • baba524 build: upgrade dependencies
  • 28cbbfb feat: upgrade to latest istanbul api
  • 30ce860 chore(release): 2.1.1
  • e97218c build: upgrade dependencies
  • ee9fb51 fix: add npm funding link
  • 213056c build(deps): bump lodash.template from 4.4.0 to 4.5.0 (#75)
  • 2aefe78 build(deps): bump eslint-utils from 1.3.1 to 1.4.3 (#76)
  • 3eac3fe chore: move to github sponsors
  • 4a919b4 chore(release): 2.1.0
  • 087c3b0 ci: test on node 12
  • c4f7a9c feat(config): support istanbul-api instrumentation configuration
  • 8fee4a9 chore(release): 2.0.6
  • 7a34b47 Merge branch 'master' of github.com:mattlewis92/karma-coverage-istanbul-reporter
  • ca17ed1 build: fix code coverage
  • 619d90d fix: get source code from sourceMapStore on write report
  • 5496d47 style: reformat code with prettier
  • 0261f70 build: upgrade dependencies
  • a2c359b docs: format readme
  • df3d5df chore: share probot config
  • b55478f build: add issue template enforcer
See the full diff
Package name: protractor The new version differs by 70 commits.
  • 5d8da04 chore(release): version bump to 6.0.0 and update the changelog
  • d777738 chore(tests): circleci - chrome 69 requires chromdriver to 2.44 (#5182)
  • 3d50b68 chore(deps): update based on npm audit
  • e478ba8 chore(release): bump version to 6.0.1-beta
  • 7054827 chore(types): fix types to use not @ types/selenium-webdriver (#5127)
  • 2e5c2e6 chore(jasmine): prevent random execution order in jasmine 3 (#5126)
  • 8afc4e2 chore(release): release 6.0.0-beta and update the changelog
  • 5fd711c chore(webdriver-manager): use webdriver-manager@13.0.0-beta
  • 96ae17c deps(jasmine): upgrade jasmine 3.3 (#5102)
  • 68491dd chore(expectedConditions): update generic Function typings (#5101)
  • cf43651 chore(debugprint): convert debugprint to TypeScript (#5074)
  • d213aa9 deps(selenium): upgrade to selenium 4 (#5095)
  • 4672265 chore(browser): remove timing issues with restart and fork (#5085)
  • b4dbcc2 chore(elementexplorer): remove explorer bin file (#5094)
  • 7de6d85 docs(api): update examples to use async/await (#5081)
  • 1b2036e typings(selenium): try out new version of typings (#5084)
  • befb457 chore(bin): update webdriver-manager require to use the cli (#5093)
  • 509f1b2 deps(latest): upgrade to the gulp and typescript (#5089)
  • 2def202 deps(webdriver-manager): use replacement (#5088)
  • 9d510db chore(test): remove jasmine addMatcher test (#5072)
  • 6522e40 chore(cleanup): clean up imports and wdpromises (#5073)
  • 3b8f263 chore(ignoreSynchornization): clean up to use waitForAngularEnabled (#5071)
  • ffa3519 chore(debugger): remove debugger and explore methods (#5070)
  • 0f7a38a chore(test): error tests fixed (#5069)
See the full diff
Package name: puppeteer The new version differs by 250 commits.
  • a07ff12 chore: use scoped tags for publishing (#9055)
  • ee1272e chore: release main (#9052)
  • bafdb47 chore: update pin_dependencies.py (#9051)
  • d4c6ff1 chore: update pin dependencies (#9050)
  • d1b61cf chore: update generate sources (#9049)
  • 9b28a3b chore: use file dependencies at root (#9048)
  • a359873 chore: pin dependencies on pre-release (#9046)
  • 469ac02 chore: fix release-please (#9044)
  • f42336c feat: separate puppeteer and puppeteer-core (#9023)
  • 3aee641 chore(main): release 18.1.0 (#9042)
  • 022fbde feat(chromium): roll to Chromium 107.0.5296.0 (r1045629) (#9039)
  • b7b07e3 chore: add documentation to xpath prefix and deprecated page.waitForTimeout (#9014)
  • 5dbd69e chore: type in waitForRequest function description (#9015)
  • c0c7878 chore: initiate monorepo migration (#9022)
  • 2a21896 chore: rename vendor to third_party (#9021)
  • f8de7b1 chore: bundle vendor code (#9016)
  • d06a905 chore: update deps (#9013)
  • 023ebd8 chore: enable firefox tests on Mac (#9002)
  • a00d466 chore: add strategy.fail-fast=false (#9007)
  • 5a1b8d2 chore: add headful support for Firefox (#9004)
  • c21c3ba chore: remove environment variable that forces WebRender to be disabled in Firefox (#9001)
  • a6f4584 chore: clarify build instructions (#9000)
  • 3939d55 chore: enable continue on error (#9003)
  • ddc567a chore(main): release 18.0.5 (#8997)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/gz-c/project/c78e772f-ccee-4791-86a2-735166d34b87?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/gz-c/project/c78e772f-ccee-4791-86a2-735166d34b87?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"34001ebd-b63e-4c19-bd52-e9fc2895fa55","prPublicId":"34001ebd-b63e-4c19-bd52-e9fc2895fa55","dependencies":[{"name":"@angular/cli","from":"1.7.3","to":"6.0.0"},{"name":"karma-coverage-istanbul-reporter","from":"1.4.2","to":"3.0.0"},{"name":"protractor","from":"5.4.1","to":"6.0.0"},{"name":"puppeteer","from":"1.3.0","to":"18.2.0"}],"packageManager":"npm","projectPublicId":"c78e772f-ccee-4791-86a2-735166d34b87","projectUrl":"https://app.snyk.io/org/gz-c/project/c78e772f-ccee-4791-86a2-735166d34b87?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-INFLIGHT-6095116"],"upgrade":["SNYK-JS-INFLIGHT-6095116"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[661],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr)
CLAassistant commented 9 months ago

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.