Open twilio-product-security opened 1 year ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 5.3
SNYK-JS-MINIMATCH-3050818
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: mocha
The new version differs by 128 commits.- 24b5243 build(v9.2.2): release
- 22a1560 build(v9.2.2): update CHANGELOG [ci skip]
- 632e602 chore: update dependencies (#4843)
- 241964b fix: wrong error thrown while loading reporter (#4842)
- 22f9306 fix(dry-run): potential call-stack crash with 'dry-run' option (#4839)
- 547ffd7 build(v9.2.1): release
- ca7432a build(v9.2.1): update CHANGELOG [ci skip]
- 86305cf fix: wrong error thrown while loading config files (#4832)
- 11c4560 fix: configurable max diff size (#4799)
- 509938d doc: fix to show sponsors in narrow view (#4793)
- cc51b8f build(v9.2.0): release
- dea3115 build(v9.2.0): update CHANGELOG [ci skip]
- 1825645 chore: update dependencies (#4818)
- bc0fda2 chore: update some devDependencies (#4816)
- 8b089a2 feat(parallel): assign each worker a worker-id (#4813)
- 9fbf3ae chore: run Netlify deploy on Node v16 (#4778) [ci skip]
- f297790 chore: switch 'linkify-changelog.js' to ESM (#4812) [ci skip]
- 0a1b7f8 build(v9.1.4): release
- a04d050 build(v9.1.4): update CHANGELOG [ci skip]
- baa12fd fix: wrong error thrown if loader is used (#4807)
- 60fafa4 Update copyright year in LICENSE (#4804)
- 3b4cc05 chore(devDeps): remove 'cross-spawn' (#4779)
- a99d40c chore(ci): add Node v17 to test matrix (#4777)
- ac43029 chore(devDeps): update 'prettier' (#4776)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)