search

vergissberlin / andrelademann-de-express

Personal web page
2 stars 1 forks source link

[Snyk] Upgrade handlebars from 4.0.10 to 4.7.6 #112

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to upgrade handlebars from 4.0.10 to 4.7.6.

merge advice

:sparkles: Snyk has automatically assigned this pull request, set who gets assigned. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-HANDLEBARS-534988		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Arbitrary Code Execution
SNYK-JS-HANDLEBARS-534478		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Denial of Service (DoS)
SNYK-JS-HANDLEBARS-480388		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Prototype Pollution
SNYK-JS-HANDLEBARS-469063		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Prototype Pollution
SNYK-JS-HANDLEBARS-174183		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Prototype Pollution
SNYK-JS-HANDLEBARS-173692		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Prototype Pollution
SNYK-JS-HANDLEBARS-567742		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: handlebars
  • 4.7.6 - 2020-04-03

    v4.7.6

  • 4.7.5 - 2020-04-02

    v4.7.5

  • 4.7.4 - 2020-04-01

    v4.7.4

  • 4.7.3 - 2020-02-05

    v4.7.3

  • 4.7.2 - 2020-01-13

    v4.7.2

  • 4.7.1 - 2020-01-12

    v4.7.1

  • 4.7.0 - 2020-01-10

    v4.7.0

  • 4.6.0 - 2020-01-08

    v4.6.0

  • 4.5.3 - 2019-11-18

    v4.5.3

  • 4.5.2 - 2019-11-13
  • 4.5.1 - 2019-10-29
  • 4.5.0 - 2019-10-28
  • 4.4.5 - 2019-10-20
  • 4.4.4 - 2019-10-20
  • 4.4.3 - 2019-10-08
  • 4.4.2 - 2019-10-02
  • 4.4.1 - 2019-10-02
  • 4.4.0 - 2019-09-29
  • 4.3.5 - 2019-10-02
  • 4.3.4 - 2019-09-28
  • 4.3.3 - 2019-09-27
  • 4.3.2 - 2019-09-26
  • 4.3.1 - 2019-09-24
  • 4.3.0 - 2019-09-24
  • 4.2.2 - 2019-10-02
  • 4.2.1 - 2019-09-20
  • 4.2.0 - 2019-09-03
  • 4.1.2 - 2019-04-13
  • 4.1.2-0 - 2019-08-25
  • 4.1.1 - 2019-03-16
  • 4.1.0 - 2019-02-07
  • 4.0.14 - 2019-04-13
  • 4.0.13 - 2019-02-07
  • 4.0.12 - 2018-09-04
  • 4.0.11 - 2017-10-17
  • 4.0.10 - 2017-05-21
from handlebars GitHub release notes
Commit messages
Package name: handlebars
  • e6ad93e v4.7.6
  • 2bf4fc6 Update release notes
  • b64202b Update release-notes.md
  • c2f1e62 Switch cmd parser to latest minimist
  • 08e9a11 Revert "chore: set Node.js compatibility to v6+"
  • 1fd2ede v4.7.5
  • 3c9c2f5 Update release notes
  • 16487a0 chore: downgrade yargs to v14
  • 309d2b4 chore: set Node.js compatibility to v6+
  • 645ac73 test: fix integration tests
  • b454b02 docs: update release-docs in CONTRIBUTING.md
  • 7adc19a v4.7.4
  • 9dd8d10 Update release notes
  • 4671c4b Use tmp directory for files written during tests
  • e46baa1 tasks/test-bin.js: Delete duplicate test
  • c491b4e Revert "Update release-notes.md"
  • 738391a Update release-notes.md
  • 80c4516 chore: add unit tests for cli options (#1666)
  • d79212a fix: migrate from optimist to yargs (#1666)
  • b440c38 chore: ignore external @types in tests
  • 2dba7ee docs: fix comparison link
  • c978969 v4.7.3
  • 9278f21 Update release notes
  • d78cc73 Fixes spelling and punctuation
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs