Closed sbansla closed 11 months ago
Upgraded dependencies for semver which was vulnerable to Regular Expression Denial of Service https://github.com/twilio/twilio-node/issues/959
After upgrading semver versions: ├─┬ @babel/preset-env@7.23.2 │ ├─┬ @babel/core@7.21.4 │ │ └── semver@6.3.1 deduped │ ├─┬ @babel/helper-compilation-targets@7.22.15 │ │ └── semver@6.3.1 deduped │ ├─┬ @babel/plugin-syntax-unicode-sets-regex@7.18.6 │ │ └─┬ @babel/helper-create-regexp-features-plugin@7.22.15 │ │ └── semver@6.3.1 deduped │ ├─┬ @babel/plugin-transform-class-properties@7.22.5 │ │ └─┬ @babel/helper-create-class-features-plugin@7.22.15 │ │ └── semver@6.3.1 deduped │ ├─┬ babel-plugin-polyfill-corejs2@0.4.6 │ │ └── semver@6.3.1 deduped │ └── semver@6.3.1 ├─┬ jest@29.7.0 │ └─┬ @jest/core@29.7.0 │ ├─┬ @jest/reporters@29.7.0 │ │ ├─┬ istanbul-lib-instrument@6.0.1 │ │ │ └── semver@7.5.4 │ │ └─┬ istanbul-lib-report@3.0.1 │ │ └─┬ make-dir@4.0.0 │ │ └── semver@7.5.4 │ └─┬ jest-snapshot@29.7.0 │ └── semver@7.5.4 ├─┬ jsonwebtoken@9.0.2 │ └── semver@7.5.4 └─┬ ts-jest@29.1.1 ├─┬ babel-jest@29.7.0 │ └─┬ babel-plugin-istanbul@6.1.1 │ └─┬ istanbul-lib-instrument@5.2.1 │ └── semver@6.3.1 deduped └── semver@7.5.4
If you have questions, please file a support ticket, or create a GitHub Issue in this repository.
Kudos, SonarCloud Quality Gate passed!
0 Bugs 0 Vulnerabilities 0 Security Hotspots 0 Code Smells
No Coverage information No Duplication information
Fixes
Upgraded dependencies for semver which was vulnerable to Regular Expression Denial of Service https://github.com/twilio/twilio-node/issues/959
After upgrading semver versions: ├─┬ @babel/preset-env@7.23.2 │ ├─┬ @babel/core@7.21.4 │ │ └── semver@6.3.1 deduped │ ├─┬ @babel/helper-compilation-targets@7.22.15 │ │ └── semver@6.3.1 deduped │ ├─┬ @babel/plugin-syntax-unicode-sets-regex@7.18.6 │ │ └─┬ @babel/helper-create-regexp-features-plugin@7.22.15 │ │ └── semver@6.3.1 deduped │ ├─┬ @babel/plugin-transform-class-properties@7.22.5 │ │ └─┬ @babel/helper-create-class-features-plugin@7.22.15 │ │ └── semver@6.3.1 deduped │ ├─┬ babel-plugin-polyfill-corejs2@0.4.6 │ │ └── semver@6.3.1 deduped │ └── semver@6.3.1 ├─┬ jest@29.7.0 │ └─┬ @jest/core@29.7.0 │ ├─┬ @jest/reporters@29.7.0 │ │ ├─┬ istanbul-lib-instrument@6.0.1 │ │ │ └── semver@7.5.4 │ │ └─┬ istanbul-lib-report@3.0.1 │ │ └─┬ make-dir@4.0.0 │ │ └── semver@7.5.4 │ └─┬ jest-snapshot@29.7.0 │ └── semver@7.5.4 ├─┬ jsonwebtoken@9.0.2 │ └── semver@7.5.4 └─┬ ts-jest@29.1.1 ├─┬ babel-jest@29.7.0 │ └─┬ babel-plugin-istanbul@6.1.1 │ └─┬ istanbul-lib-instrument@5.2.1 │ └── semver@6.3.1 deduped └── semver@7.5.4
Checklist
If you have questions, please file a support ticket, or create a GitHub Issue in this repository.