vlasn / mets-be

Metsahaldur backend
0 stars 1 forks source link

[Snyk] Security upgrade xlsx from 0.12.13 to 0.17.0 #39

Closed snyk-bot closed 11 months ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
Denial of Service (DoS)
SNYK-JS-XLSX-1311137
No Proof of Concept
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
Denial of Service (DoS)
SNYK-JS-XLSX-1311139
No Proof of Concept
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
Denial of Service (DoS)
SNYK-JS-XLSX-1311141
No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: xlsx The new version differs by 109 commits.
  • 3542d62 version bump 0.17.0
  • 6c5db36 AWS Lambda Binary Media Types
  • 59b3dae Tested the MongoDB scripts and fixed them
  • e958dbf Refresh server demos
  • 1d7aff4 suppress modified test files
  • f8c0a86 [Tests] migrate tests to Github Actions
  • 58e59dc updates to react demo
  • 333deae write and parse ods in mini build (#2197)
  • 20212e1 version bump 0.16.9: utf-8 codenames
  • f7835d6 Add support for outline configuration
  • eec93b0 Fixed parsing for first cell in .fods documents
  • 6ecfeb6 Added google sheet example
  • b0e68a9 Add escape slash to cell matcher
  • 9f1ba60 version bump 0.16.8: CRLF in formulae
  • b9323c5 Update 78_writebiff.js
  • d4cfadb Fix #2071
  • 5985739 Mark generated files as binary
  • 542636b Update 80_parseods.js
  • 82b7ada version bump 0.16.7
  • 0cc6cc9 XLSX verify formula is string (fixes #1703)
  • 2c5a863 Removed null ws return from 90_utils
  • 2e32611 version bump 0.16.6: xlfn option
  • 3b589f0 XLSX SST treat <si></si> as empty (fixes #2083)
  • abed474 whitespace check (fixes #2075)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic