tonesto7 / homebridge-smartthings

SmartThings Homebridge Plugin

[Snyk] Upgrade snyk from 1.380.0 to 1.436.0 #396

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to upgrade snyk from 1.380.0 to 1.436.0.

Merge advice: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | Prototype Pollution (SNYK-JS-Y18N-1021887) | 686/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 | Proof of Concept |
| | Prototype Pollution (SNYK-JS-INI-1048974) | 686/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: snyk
  • 1.436.0 - 2020-12-10

    Features

    • bump gradle plugin to support non root gradlew for reachable vulns (fa80a71)
  • 1.435.1 - 2020-12-10

    Bug Fixes

    • Group issues should also group names (4ddf826)
  • 1.435.0 - 2020-12-10

    Features

    • analytics- enable getting a command version (8097297)
  • 1.434.4 - 2020-12-09

    Bug Fixes

    • add graph conversion while pruning duration analytics (0894113)
  • 1.434.3 - 2020-12-08

    Bug Fixes

    • show users 404 when a non existing package is scanned (9b26e2b)
  • 1.434.2 - 2020-12-04

    Bug Fixes

    • show spinner scanning ecosystem (42be990)
  • 1.434.1 - 2020-12-04

    Bug Fixes

    • Include all sarif results under a single run (4e3a699)
  • 1.434.0 - 2020-12-03

    Features

    • improve class path discovery for maven projects (91a60ab)
  • 1.433.0 - 2020-12-01

    Features

    • maven support aar unmanaged files (93ef66a)
  • 1.432.1 - 2020-12-01

    Bug Fixes

    • Error output for mismatched options (d79edf6)
  • 1.432.0 - 2020-12-01
  • 1.431.4 - 2020-11-30
  • 1.431.3 - 2020-11-30
  • 1.431.2 - 2020-11-27
  • 1.431.1 - 2020-11-24
  • 1.431.0 - 2020-11-24
  • 1.430.2 - 2020-11-23
  • 1.430.1 - 2020-11-23
  • 1.430.0 - 2020-11-20
  • 1.429.0 - 2020-11-20
  • 1.428.2 - 2020-11-19
  • 1.428.1 - 2020-11-19
  • 1.428.0 - 2020-11-18
  • 1.427.2 - 2020-11-17
  • 1.427.1 - 2020-11-17
  • 1.427.0 - 2020-11-15
  • 1.426.0 - 2020-11-13
  • 1.425.4 - 2020-11-13
  • 1.425.3 - 2020-11-11
  • 1.425.2 - 2020-11-10
  • 1.425.1 - 2020-11-09
  • 1.425.0 - 2020-11-09
  • 1.424.4 - 2020-11-05
  • 1.424.3 - 2020-11-05
  • 1.424.2 - 2020-11-04
  • 1.424.1 - 2020-11-04
  • 1.424.0 - 2020-11-03
  • 1.423.0 - 2020-11-03
  • 1.422.1 - 2020-11-03
  • 1.422.0 - 2020-11-02
  • 1.421.1 - 2020-10-29
  • 1.421.0 - 2020-10-28
  • 1.420.2 - 2020-10-28
  • 1.420.1 - 2020-10-25
  • 1.420.0 - 2020-10-23
  • 1.419.1 - 2020-10-21
  • 1.419.0 - 2020-10-20
  • 1.418.0 - 2020-10-20
  • 1.417.0 - 2020-10-20
  • 1.416.0 - 2020-10-19
  • 1.415.0 - 2020-10-18
  • 1.414.1 - 2020-10-16
  • 1.414.0 - 2020-10-15
  • 1.413.5 - 2020-10-15
  • 1.413.4 - 2020-10-15
  • 1.413.3 - 2020-10-13
  • 1.413.2 - 2020-10-09
  • 1.413.1 - 2020-10-09
  • 1.413.0 - 2020-10-09
  • 1.412.0 - 2020-10-09
  • 1.411.0 - 2020-10-09
  • 1.410.4 - 2020-10-08
  • 1.410.3 - 2020-10-07
  • 1.410.2 - 2020-10-06
  • 1.410.1 - 2020-10-06
  • 1.410.0 - 2020-10-06
  • 1.409.1 - 2020-10-05
  • 1.409.0 - 2020-10-05
  • 1.408.0 - 2020-10-05
  • 1.407.0 - 2020-10-05
  • 1.406.0 - 2020-10-01
  • 1.405.1 - 2020-09-30
  • 1.405.0 - 2020-09-30
  • 1.404.0 - 2020-09-29
  • 1.403.0 - 2020-09-29
  • 1.402.0 - 2020-09-28
  • 1.401.0 - 2020-09-25
  • 1.400.0 - 2020-09-24
  • 1.399.1 - 2020-09-22
  • 1.399.0 - 2020-09-21
  • 1.398.1 - 2020-09-16
  • 1.398.0 - 2020-09-15
  • 1.397.1 - 2020-09-15
  • 1.397.0 - 2020-09-15
  • 1.396.0 - 2020-09-15
  • 1.395.0 - 2020-09-14
  • 1.394.0 - 2020-09-14
  • 1.393.1 - 2020-09-14
  • 1.393.0 - 2020-09-10
  • 1.392.1 - 2020-09-08
  • 1.392.0 - 2020-09-08
  • 1.391.1 - 2020-09-07
  • 1.391.0 - 2020-09-07
  • 1.390.0 - 2020-09-07
  • 1.389.0 - 2020-09-04
  • 1.388.0 - 2020-09-02
  • 1.387.1 - 2020-09-01
  • 1.387.0 - 2020-09-01
  • 1.386.0 - 2020-08-28
  • 1.385.2 - 2020-08-28
  • 1.385.1 - 2020-08-28
  • 1.385.0 - 2020-08-26
  • 1.384.0 - 2020-08-25
  • 1.383.1 - 2020-08-25
  • 1.383.0 - 2020-08-25
  • 1.382.1 - 2020-08-25
  • 1.382.0 - 2020-08-24
  • 1.381.2 - 2020-08-23
  • 1.381.1 - 2020-08-20
  • 1.381.0 - 2020-08-20
  • 1.380.0 - 2020-08-19
from snyk GitHub release notes
Commit messages
Package name: snyk
  • cc73cc6 Merge pull request #1562 from snyk/feat/bump-gradle-plugin
  • fa80a71 feat: bump gradle plugin to support non root gradlew for reachable vulns
  • 6a6b7a8 Merge pull request #1554 from snyk/fix/group-vulns-name
  • 3a2b412 Merge pull request #1552 from snyk/feat/get-command-version
  • 00a8ad0 test: fix analytics test, add analytics jest tests
  • 420c95d Merge pull request #1544 from snyk/fix/add-prune-duration
  • 4b7ab8a Merge pull request #1557 from snyk/fix/indicative-message-for-missing-packages
  • 9b26e2b fix: show users 404 when a non existing package is scanned
  • 4ddf826 fix: Group issues should also group names
  • 47eaff9 Merge pull request #1556 from snyk/feat/maven-unmanaged-aar-files
  • 9d83013 chore: help text for unmanaged aar files
  • 4a656f9 Merge pull request #1555 from snyk/fix/show-spinner-scaning-ecosystem
  • 42be990 fix: show spinner scanning ecosystem
  • 0ae410d Merge pull request #1550 from snyk/fix/iac-sarif-output-CC-525
  • 942b83c test: add tests to analytics npm version capture
  • 0b5c486 Merge pull request #1553 from snyk/feat/improve-class-path-discovery
  • 8097297 feat: analytics- enable getting a command version
  • 91a60ab feat: improve class path discovery for maven projects
  • 7606a5b Merge pull request #1551 from snyk/feat/maven-unmanaged-aar-files
  • 534fcdf Merge pull request #1540 from snyk/fix/sarif-json-error-CC-401
  • 93ef66a feat: maven support aar unmanaged files
  • 477aaef chore: Update IaC sarif tests to cover path
  • 669cb21 Merge pull request #1543 from snyk/feat/json-group-vulns
  • 4e3a699 fix: Include all sarif results under a single run

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
