vlasn / mets-be

Metsahaldur backend
0 stars 1 forks source link

[Snyk] Fix for 1 vulnerabilities #43

Closed snyk-bot closed 11 months ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: nodemon The new version differs by 16 commits.
  • ee92ee4 test: split require tests
  • 33ae6da test: fix failing test when required
  • a4490e2 fix: package.json & package-lock.json to reduce vulnerabilities
  • 9bd07eb docs: changed verbose logging and CLI documentation to reflect support single file watch functionality
  • c279760 test: make sigint test to actually check child pid (#1656)
  • cd45d74 test: fix fork test
  • 496c335 chore: undo change to spawn code
  • 47dfb8b fix: pipe stderr correctly
  • ed91703 fix: ubuntu loop waiting for sub processes
  • 9a67f36 feat: update chokidar to v3
  • 6781b40 docs: add license file
  • 0e6ba3c fix: wait for all subprocesses to terminate (fixes issue #1476)
  • b58cf7d chore: Merge branch 'master'
  • 95a4c09 docs: add to faq
  • 3a2eaf7 choe: merge master
  • 3d90879 chore: add logo to site
See the full diff
Package name: standard The new version differs by 250 commits.
  • 558df00 14.3.2
  • a8e318e Add changelog entry for 14.3.2
  • 133a4c9 Merge pull request #1492 from standard/eslint68
  • a2df23b Upgrade ESLint to 6.8.x
  • fb7e2a3 remove sponsor
  • ecda198 Update README.md
  • 4bc1671 Update README.md
  • e514626 add sponsor
  • 2b86c68 spacing
  • a702d2e Reposition CodeFund sponsorship link (#1446)
  • a28b5d0 Reposition CodeFund sponsorship link
  • 0f86fb9 Merge pull request #1445 from ZY2071/master
  • b4726d7 perf: Change the examples for rule 'No octal literals' .
  • 4bdaa2f perf: make the rule 'No octal literals' more specific.
  • f5d758e Update README-ja.md for d901c54 (#1435)
  • be249c3 Update README-ja.md for d901c54
  • cfb84fa Update README.md with working Typescript setup (#1434)
  • f4d3113 Update links to correct organization in README (#1433)
  • d901c54 Update README.md with working Typescript setup
  • 809e78a Update README-ja.md for 3e6b299 (#1432)
  • 91bc8fb Update README-ja.md for 3e6b299
  • 3e6b299 Update README.md
  • d5c7ded Add CodeFund sponsorship message to README (#1425)
  • c4f168e fix typo (#1423)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic