snyk / vulncost

Find security vulnerabilities in open source npm packages while you code
https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost
MIT License

[Snyk-beemo] Upgrade snyk from 1.319.1 to 1.378.0 #42

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to upgrade snyk from 1.319.1 to 1.378.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | Remote Memory Exposure (SNYK-JS-BL-608877) | 456/1000. Why? Recently disclosed, CVSS 7.7 | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: snyk
  • 1.378.0 - 2020-08-18

    1.378.0 (2020-08-18)

    Features

    • Bumping snyk-docker-plugin to 3.17.0 (4a1e32f)
  • 1.377.2 - 2020-08-18

    1.377.2 (2020-08-18)

    Bug Fixes

    • move custom API endpoint warning message to stderr (77c66ed)
  • 1.377.1 - 2020-08-17

    1.377.1 (2020-08-17)

    Bug Fixes

    • build: use node 14 for alpine executable (9d1b740)
  • 1.377.0 - 2020-08-17

    1.377.0 (2020-08-17)

    Features

    • bump cocoapods plugin to update graph & cli interface deps (4c3a141)
  • 1.376.0 - 2020-08-17

    1.376.0 (2020-08-17)

    Features

    • Allow environment variables to override config values (16fc432)
  • 1.375.0 - 2020-08-17

    1.375.0 (2020-08-17)

    Features

    • detect build.gradle.kts projects automatically behind --all-projects flag and scan all root level files with implied --all-sub-projects (57d8d02)
    • if both gradle files detected in the same folder, prefer build.gradle if build.gradle.kts also found (6e806fb)
  • 1.374.0 - 2020-08-14

    1.374.0 (2020-08-14)

    Features

    • show original severity if overridden by a policy (30a8cd7)
  • 1.373.1 - 2020-08-12

    1.373.1 (2020-08-12)

    Bug Fixes

    • test: json output with all-projects flag (8258ef0)
  • 1.373.0 - 2020-08-11

    1.373.0 (2020-08-11)

    Features

    • improve iac test json output (140625c)
  • 1.372.0 - 2020-08-10

    1.372.0 (2020-08-10)

    Features

    • scan gradle projects behind --all-projects (a2bfc89)
      Default behaviour for gradle projects detected with --all-projects is the same as doing snyk test --all-sub-projects in the root of the gradle project.
  • 1.371.1 - 2020-08-10
  • 1.371.0 - 2020-08-10
  • 1.370.1 - 2020-08-08
  • 1.370.0 - 2020-08-07
  • 1.369.3 - 2020-08-04
  • 1.369.2 - 2020-07-30
  • 1.369.1 - 2020-07-29
  • 1.369.0 - 2020-07-28
  • 1.368.1 - 2020-07-28
  • 1.368.0 - 2020-07-28
  • 1.367.0 - 2020-07-27
  • 1.366.2 - 2020-07-24
  • 1.366.1 - 2020-07-24
  • 1.366.0 - 2020-07-23
  • 1.365.0 - 2020-07-23
  • 1.364.2 - 2020-07-22
  • 1.364.1 - 2020-07-22
  • 1.364.0 - 2020-07-21
  • 1.363.0 - 2020-07-20
  • 1.362.1 - 2020-07-16
  • 1.362.0 - 2020-07-15
  • 1.361.3 - 2020-07-09
  • 1.361.2 - 2020-07-09
  • 1.361.1 - 2020-07-09
  • 1.361.0 - 2020-07-09
  • 1.360.0 - 2020-07-03
  • 1.359.1 - 2020-07-02
  • 1.359.0 - 2020-07-01
  • 1.358.0 - 2020-07-01
  • 1.357.0 - 2020-07-01
  • 1.356.0 - 2020-07-01
  • 1.355.0 - 2020-06-30
  • 1.354.0 - 2020-06-30
  • 1.353.1 - 2020-06-30
  • 1.353.0 - 2020-06-30
  • 1.352.1 - 2020-06-29
  • 1.352.0 - 2020-06-29
  • 1.351.0 - 2020-06-29
  • 1.350.1 - 2020-06-29
  • 1.350.0 - 2020-06-29
  • 1.349.0 - 2020-06-25
  • 1.348.2 - 2020-06-24
  • 1.348.1 - 2020-06-23
  • 1.348.0 - 2020-06-23
  • 1.347.1 - 2020-06-22
  • 1.347.0 - 2020-06-22
  • 1.346.0 - 2020-06-19
  • 1.345.1 - 2020-06-18
  • 1.345.0 - 2020-06-18
  • 1.344.0 - 2020-06-18
  • 1.343.0 - 2020-06-18
  • 1.342.3 - 2020-06-18
  • 1.342.2 - 2020-06-16
  • 1.342.1 - 2020-06-16
  • 1.342.0 - 2020-06-16
  • 1.341.2 - 2020-06-16
  • 1.341.1 - 2020-06-15
  • 1.341.0 - 2020-06-15
  • 1.340.0 - 2020-06-15
  • 1.339.4 - 2020-06-15
  • 1.339.3 - 2020-06-14
  • 1.339.2 - 2020-06-12
  • 1.339.1 - 2020-06-11
  • 1.339.0 - 2020-06-10
  • 1.338.0 - 2020-06-10
  • 1.337.0 - 2020-06-09
  • 1.336.0 - 2020-06-04
  • 1.335.0 - 2020-06-03
  • 1.334.0 - 2020-06-01
  • 1.333.0 - 2020-05-31
  • 1.332.1 - 2020-05-29
  • 1.332.0 - 2020-05-28
  • 1.331.0 - 2020-05-28
  • 1.330.4 - 2020-05-28
  • 1.330.3 - 2020-05-28
  • 1.330.2 - 2020-05-27
  • 1.330.1 - 2020-05-27
  • 1.330.0 - 2020-05-27
  • 1.329.0 - 2020-05-26
  • 1.328.0 - 2020-05-26
  • 1.327.1 - 2020-05-26
  • 1.327.0 - 2020-05-24
  • 1.326.0 - 2020-05-24
  • 1.325.0 - 2020-05-24
  • 1.324.0 - 2020-05-22
  • 1.323.2 - 2020-05-21
  • 1.323.1 - 2020-05-20
  • 1.323.0 - 2020-05-19
  • 1.322.0 - 2020-05-19
  • 1.321.0 - 2020-05-14
  • 1.320.5 - 2020-05-14
  • 1.320.4 - 2020-05-14
  • 1.320.3 - 2020-05-13
  • 1.320.2 - 2020-05-11
  • 1.320.1 - 2020-05-11
  • 1.320.0 - 2020-05-11
  • 1.319.2 - 2020-05-07
  • 1.319.1 - 2020-05-06
from snyk GitHub release notes
Commit messages
Package name: snyk
  • b444f70 Merge pull request #1346 from snyk/feat/bump-sdp-3.17.0
  • 4a1e32f feat: Bumping snyk-docker-plugin to 3.17.0
  • e182d1f Merge pull request #1343 from snyk/feat/bump-sdp-3.17.0
  • 9e97c07 Bumping snyk-docker-plugin to 3.17.0
  • 027d194 Merge pull request #1331 from snykerjames/fix/custom-api-endpoint-warning-output
  • 07c3a69 Merge pull request #1342 from snyk/chore/fix-binary-naming
  • 3c9687f chore(build): don’t rely on dynamic names from pkg
  • d32c8ab Merge pull request #1337 from snyk/feat/smoke-test
  • 132afe2 test: run alpine test in docker
  • 9d1b740 fix(build): use node 14 for alpine executable
  • a5c9ec4 Merge pull request #1338 from snyk/feat/bump-plugin-update-deps
  • 90acae1 Merge pull request #1332 from snyk/feat/config-env-value-override
  • 4c3a141 feat: bump cocoapods plugin to update graph & cli interface deps
  • fcc157d Merge pull request #1328 from snyk/feat/enable-kotlin-gradle-all-projects
  • 16fc432 feat: Allow environment variables to override config values
  • 2e8c8cd Merge pull request #1307 from snyk/feat/show-original-severity-cli
  • 30a8cd7 feat: show original severity if overridden by a policy
  • 17552b6 Merge pull request #1333 from snyk/chore/node-12
  • 957c64e chore(build): downgrade binary to Node v12
  • fa3e1d9 chore: remove npmignore
  • c49d942 Merge pull request #1327 from snyk/feat/smoke-test
  • 41e8de2 chore(test): add regression test for valid JSON bodies
  • 7dfc027 test: kotlin monorepo --all-projects
  • 6e806fb feat: prefer build.gradle if kotlin also found

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
