search

thobach / MMM-Gestures

MMM-Gestures is a head-less 3rd party module for MagicMirror that allows to control the Magic Mirror via gestures of two types of infrared sensors. Use cases include presence awareness to trigger compliments or go into sleep mode and scrolling through news tickers or view news details.
http://blog.thomas-bachmann.com/2016/02/magic-mirror-2-0-mit-gestensteuerung.html
41 stars 12 forks source link

[Snyk] Upgrade serialport from 9.0.1 to 9.2.8 #16

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade serialport from 9.0.1 to 9.2.8.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Information Exposure
SNYK-JS-SIMPLEGET-2361683		 547/1000
Why? Proof of Concept exploit, CVSS 8.8		 Proof of Concept
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922		 547/1000
Why? Proof of Concept exploit, CVSS 8.8		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 547/1000
Why? Proof of Concept exploit, CVSS 8.8		 Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 547/1000
Why? Proof of Concept exploit, CVSS 8.8		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: serialport
  • 9.2.8 - 2021-11-26

    v9.2.8

  • 9.2.7 - 2021-11-18

    v9.2.7

  • 9.2.5 - 2021-10-31

    v9.2.5

  • 9.2.4 - 2021-09-28

    v9.2.4

  • 9.2.3 - 2021-09-24
  • 9.2.1 - 2021-09-03
  • 9.2.0 - 2021-06-19
  • 9.1.0 - 2021-05-28
  • 9.0.8 - 2021-05-24
  • 9.0.7 - 2021-02-22
  • 9.0.6 - 2021-01-20
  • 9.0.4 - 2020-12-17
  • 9.0.3 - 2020-12-04
  • 9.0.2 - 2020-10-16
  • 9.0.1 - 2020-08-08
from serialport GitHub release notes
Commit messages
Package name: serialport
  • e90a432 v9.2.8
  • 7aac184 docs: update publishing information
  • fc93cb6 fix: OSX List Make sure necessary cleanups such as uv_mutex_unlock are called always. (#2343)
  • 9997085 fix: Electron 14+ installs (#2360)
  • ea358da docs: fix broken 'Guides' link (#2358)
  • e2ad9fb fix: drop node 17 builds (#2356)
  • c243b07 v9.2.7
  • ab19edb v9.2.6
  • cbf45ae chore: update docs (#2355)
  • bd15bbd chore: (deps-dev): bump node-abi from 3.3.0 to 3.5.0 (#2354)
  • 186bd21 chore: add some required fields on the bug report
  • 8ccb4e7 chore: rework issue templates (#2349)
  • cd0a51d v9.2.5
  • 52bbaa2 chore: Update build deps and commander (#2336)
  • 9d57b2b chore: update all dev deps (#2335)
  • 684db81 serialport_unix: Include sys/ioctl.h on NetBSD (#2332)
  • 7e38a79 chore: (deps-dev): bump node-abi from 3.2.0 to 3.3.0 (#2333)
  • 3ca00ce Fixed EIO_List to prevent crash when a device has no COM port (#2325)
  • 494fd0f v9.2.4
  • c60e7f2 chore: revert package-locks to npm 6
  • f78f02c Automate changelog (#2298)
  • 5c392f0 chore: (deps-dev): bump node-abi from 3.1.0 to 3.2.0 (#2324)
  • 176149a v9.2.3
  • f4e3e18 v9.2.2
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

thobach commented 2 years ago

addressed in https://github.com/thobach/MMM-Gestures/commit/a6415b6300e6cadcd58cfb5a60c85c618281ee8a instead