theQRL / qrl-wallet

QRL Wallet
https://wallet.theqrl.org
MIT License
48 stars 27 forks source link

[Snyk] Security upgrade snyk from 1.434.3 to 1.667.0 #491

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 551/1000
Why? Recently disclosed, Has a fix available, CVSS 5.3
Denial of Service (DoS)
SNYK-JS-JSZIP-1251497
No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: snyk The new version differs by 250 commits.
  • 8387aed Merge pull request #2111 from snyk/fix/update-jszip
  • e686299 fix: update plugins package versions
  • 7f0b32e Merge pull request #2108 from snyk/smoke/binary-cdn
  • e974b9d test: use binary from cdn for smoke tests
  • 64e3fe8 Merge pull request #2107 from snyk/refactor/analytics-tests
  • 0f2a7e3 refactor: call anaytics module the right way
  • 0b833f6 refactor: use await syntax rather than callbacks
  • fce83d5 Merge pull request #2096 from snyk/feat/iac-tracking
  • f7f2961 feat: track IaC local execution tests [CC-972]
  • 9e7f79a Merge pull request #2104 from snyk/feat/centralize-colors
  • 3292ffb feat: Centralize icons and err messages by theme
  • e3c3ac0 feat: central colors theme
  • 2aecd40 Merge pull request #2074 from snyk/docs/update-protect-readme
  • 0203c6c Merge pull request #2100 from snyk/fix/propagate-error-message
  • 7416bc9 docs: update protect readme
  • 42288e0 fix: propagate userMessage to 404 errors
  • 77336a0 Merge pull request #2099 from snyk/test/migrate-trust-policies-jest
  • e2106f1 test: migrate trust-policies to jest
  • b227f78 Merge pull request #2095 from snyk/protect/smoke-tests
  • 20b05d0 Merge pull request #2087 from snyk/chore/async-test-with-polling
  • d7f23e0 Merge pull request #2098 from snyk/fix/bump-docker-plugin
  • cb2ecf1 fix: bump docker plugin version with fixes
  • 697f81f chore(protect): fix production test caching
  • d21cff7 chore: init support async test with polling
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

πŸ›  Adjust project settings

πŸ“š Read more about Snyk's upgrade and patch logic