[Snyk] Fix for 3 vulnerabilities #70

Open
wants to merge 1 commit into
base: master

Omrisnyk
Owner

@Omrisnyk Omrisnyk commented Oct 6, 2024

Snyk has created this PR to fix 3 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • admin-frontend/package.json
  • admin-frontend/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

| Severity | Issue | Snyk ID | Score |
|---|---|---|---|
| medium | Prototype Pollution | SNYK-JS-MINIMIST-559764 | 137 |
| medium | Cross-site Scripting (XSS) | SNYK-JS-COOKIE-8163060 | 59 |
| low | Regular Expression Denial of Service (ReDoS) | npm:debug:20170905 | 58 |

Release notes
Package name: cookie
  • 0.7.0 - 2024-10-02

    v0.6.0...v0.7.0

  • 0.6.0 - 2023-11-07
    • Add partitioned option
  • 0.5.0 - 2022-04-11
    • Add priority option
    • Fix expires option to reject invalid dates
    • pref: improve default decode speed
    • pref: remove slow string split in parse
  • 0.4.2 - 2022-02-02
    • pref: read value only when assigning in parse
    • pref: remove unnecessary regexp in parse
  • 0.4.1 - 2020-04-22
    • Fix maxAge option to reject invalid values
  • 0.4.0 - 2019-05-16
    • Add SameSite=None support
  • 0.3.1 - 2016-05-27
    • Fix sameSite: true to work with draft-7 clients
      • true now sends SameSite=Strict instead of SameSite
from cookie GitHub release notes
Package name: eslint
  • 9.0.0 - 2024-04-05

    Breaking Changes

    • b7cf3bd fix!: correct camelcase rule schema for allow option (#18232) (eMerzh)
    • 09bd7fe feat!: move AST traversal into SourceCode (#18167) (Nicholas C. Zakas)
    • 79a95eb feat!: disallow multiple configuration comments for same rule (#18157) (Milos Djermanovic)
    • 9163646 feat!: Rule Tester checks for missing placeholder data in the message (#18073) (fnx)
    • 3c4d51d feat!: default for enforceForClassMembers in no-useless-computed-key (#18054) (Francesco Trotta)
    • 47e60f8 feat!: Stricter rule test validations (#17654) (fnx)
    • 1a94589 feat!: no-unused-vars default caughtErrors to 'all' (#18043) (Josh Goldberg ✨)
    • 57089cb feat!: no-restricted-imports allow multiple config entries for same path (#18021) (Milos Djermanovic)
    • 2e1d549 feat!: detect duplicate test cases (#17955) (Bryan Mishkin)
    • 701f1af feat!: no-inner-declaration new default behaviour and option (#17885) (Tanuj Kanti)
    • bde5105 fix!: handle --output-file for empty output when saving to disk (#17957) (Nitin Kumar)
    • 07107a5 fix!: upgrade eslint-scope@8.0.0 (#17942) (Milos Djermanovic)
    • 3ee0f6c fix!: no-unused-vars varsIgnorePattern behavior with catch arguments (#17932) (Tanuj Kanti)
    • 51f8bc8 fix!: configuration comments with just severity should retain options (#17945) (Milos Djermanovic)
    • d191bdd feat!: Remove CodePath#currentSegments (#17936) (Milos Djermanovic)
    • 946ae00 feat!: FlatRuleTester -> RuleTester (#17922) (Nicholas C. Zakas)
    • baff28c feat!: remove no-inner-declarations from eslint:recommended (#17920) (Milos Djermanovic)
    • cadfbcd feat!: Rename FlatESLint to ESLint (#17914) (Nicholas C. Zakas)
    • d1018fc feat!: skip running warnings in --quiet mode (#17274) (Maddy Miller)
    • fb81b1c feat!: Set default schema: [], drop support for function-style rules (#17792) (Milos Djermanovic)
    • 0b21e1f feat!: add two more cases to no-implicit-coercion (#17832) (Gürgün Dayıoğlu)
    • 2916c63 feat!: Switch Linter to flat config by default (#17851) (Nicholas C. Zakas)
    • 200518e fix!: Parsing 'exported' comment using parseListConfig (#17675) (amondev)
    • bdd6ba1 feat!: Remove valid-jsdoc and require-jsdoc (#17694) (Nicholas C. Zakas)
    • 12be307 fix!: Behavior of CLI when no arguments are passed (#17644) (Nicholas C. Zakas)
    • 8fe8c56 feat!: Update shouldUseFlatConfig and CLI so flat config is default (#17748) (Nicholas C. Zakas)
    • 60dea3e feat!: deprecate no-new-symbol, recommend no-new-native-nonconstructor (#17710) (Francesco Trotta)
    • 5aa9c49 feat!: check for parsing errors in suggestion fixes (#16639) (Bryan Mishkin)
    • b3e0bb0 feat!: assert suggestion messages are unique in rule testers (#17532) (Josh Goldberg ✨)
    • e563c52 feat!: no-invalid-regexp make allowConstructorFlags case-sensitive (#17533) (Josh Goldberg ✨)
    • e5f02c7 fix!: no-sequences rule schema correction (#17878) (MHO)
    • 6ee3e9e feat!: Update eslint:recommended configuration (#17716) (Milos Djermanovic)
    • c2cf85a feat!: drop support for string configurations in flat config array (#17717) (Milos Djermanovic)
    • c314fd6 feat!: Remove SourceCode#getComments() (#17715) (Milos Djermanovic)
    • ae78ff1 feat!: Remove deprecated context methods (#17698) (Nicholas C. Zakas)
    • f71c328 feat!: Swap FlatESLint-ESLint, FlatRuleTester-RuleTester in API (#17823) (Nicholas C. Zakas)
    • 5304da0 feat!: remove formatters except html, json(-with-metadata), and stylish (#17531) (Josh Goldberg ✨)
    • e1e827f feat!: Require Node.js ^18.18.0 || ^20.9.0 || >=21.1.0 (#17725) (Milos Djermanovic)

    Features

    • d54a412 feat: Add --inspect-config CLI flag (#18270) (Nicholas C. Zakas)
    • 97ce45b feat: Add reportUsedIgnorePattern option to no-unused-vars rule (#17662) (Pearce Ropion)
    • 3e9fcea feat: Show config names in error messages (#18256) (Nicholas C. Zakas)
    • de40874 feat: Rule Performance Statistics for flat ESLint (#17850) (Mara Kiefer)
    • d85c436 feat: use-isnan report NaN in indexOf and lastIndexOf with fromIndex (#18225) (Tanuj Kanti)
    • b8fb572 feat: add reportUnusedFallthroughComment option to no-fallthrough rule (#18188) (Kirk Waiblinger)
    • 1c173dc feat: add ignoreClassWithStaticInitBlock option to no-unused-vars (#18170) (Tanuj Kanti)
    • a451b32 feat: make no-misleading-character-class report more granular errors (#18082) (Francesco Trotta)
    • c49ed63 feat: update complexity rule for optional chaining & default values (#18152) (Mathias Schreck)
    • 11144a2 feat: no-restricted-imports option added allowImportNames (#16196) (M Pater)
    • 74124c2 feat: add suggestions to use-isnan in indexOf & lastIndexOf calls (#18063) (StyleShit)
    • 53f0f47 feat: Add loadESLint() API method for v9 (#18097) (Nicholas C. Zakas)
    • 2d11d46 feat: add suggestions to use-isnan in binary expressions (#17996) (StyleShit)
    • 26093c7 feat: fix false negatives in no-this-before-super (#17762) (Yosuke Ota)
    • 5471e43 feat: convert unsafe autofixes to suggestions in no-implicit-coercion (#17985) (Gürgün Dayıoğlu)
    • e3051be feat: emit warning when .eslintignore file is detected (#17952) (Nitin Kumar)
    • a630edd feat: maintain latest ecma version in ESLint (#17958) (Milos Djermanovic)
    • b4e0503 feat: add no-useless-assignment rule (#17625) (Yosuke Ota)
    • 287c4b7 feat: no-misleading-character-class granular errors (#17515) (Josh Goldberg ✨)
    • 8792464 feat: Enable eslint.config.mjs and eslint.config.cjs (#17909) (Nicholas C. Zakas)
    • 24ce927 feat: warn by default for unused disable directives (#17879) (Bryan Mishkin)

    Bug Fixes

    • 610c148 fix: Support using declarations in no-lone-blocks (#18269) (Kirk Waiblinger)
    • e508800 fix: rule tester ignore irrelevant test case properties (#18235) (fnx)
    • a129acb fix: flat config name on ignores object (#18258) (Nicholas C. Zakas)
    • dadc5bf fix: constructor-super false positives with loops (#18226) (Milos Djermanovic)
    • ae8103d fix: load plugins in the CLI in flat config mode (#18185) (Francesco Trotta)
    • e37153f fix: improve error message for invalid rule config (#18147) (Nitin Kumar)
    • af6e170 fix: stop linting files after an error (#18155) (Francesco Trotta)
    • 0cb4914 fix: validate options when comment with just severity enables rule (#18133) (Milos Djermanovic)
    • c4d26fd fix: use-isnan doesn't report on SequenceExpressions (#18059) (StyleShit)
    • 39076fb fix: handle absolute file paths in RuleTester (#17989) (Nitin Kumar)
    • 6d11f3d fix: Ensure config keys are printed for config errors (#17980) (Nicholas C. Zakas)
    • 806f708 fix: no-misleading-character-class edge cases with granular errors (#17970) (Milos Djermanovic)
    • f182114 fix: deep merge behavior in flat config (#17906) (Francesco Trotta)
    • b577e8a fix: allow circular references in config (#17752) (Francesco Trotta)

    Documentation

    • e151050 docs: update get-started to the new @eslint/create-config (#18217) (唯然)
    • 94178ad docs: mention about name field in flat config (#18252) (Anthony Fu)
    • 1765c24 docs: add Troubleshooting page (#18181) (Josh Goldberg ✨)
    • 96607d0 docs: version selectors synchronization (#18260) (Milos Djermanovic)
    • 651ec91 docs: remove /* eslint-env */ comments from rule examples (#18249) (Milos Djermanovic)
    • 950c4f1 docs: Update README (GitHub Actions Bot)
    • 12f5746 docs: add info about dot files and dir in flat config (#18239) (Tanuj Kanti)
    • b93f408 docs: update shared settings example (#18251) (Tanuj Kanti)
    • 26384d3 docs: fix ecmaVersion in one example, add checks (#18241) (Milos Djermanovic)
    • 7747097 docs: Update PR review process (#18233) (Nicholas C. Zakas)
    • b07d427 docs: fix typo (#18246) (Kirill Gavrilov)
    • 778082d docs: add Glossary page (#18187) (Josh Goldberg ✨)
    • 239a7e2 docs: Clarify the description of sort-imports options (#18198) (gyeongwoo park)
    • 4769c86 docs: fix incorrect example in no-lone-blocks (#18215) (Tanuj Kanti)
    • 5251327 docs: Update README (GitHub Actions Bot)
    • 1dc8618 docs: Update README (GitHub Actions Bot)
    • ba1c1bb docs: Update README (GitHub Actions Bot)
    • 337cdf9 docs: Explain limitations of RuleTester fix testing (#18175) (Nicholas C. Zakas)
    • c7abd89 docs: Explain Node.js version support (#18176) (Nicholas C. Zakas)
    • d961eeb docs: show red underlines in examples in rules docs (#18041) (Yosuke Ota)
    • 558274a docs: Update README (GitHub Actions Bot)
    • 2908b9b docs: Update release documentation (#18174) (Nicholas C. Zakas)
    • 1f1260e docs: replace HackerOne link with GitHub advisory (#18165) (Francesco Trotta)
    • e5ef3cd docs: add inline cases condition in no-fallthrough (#18158) (Tanuj Kanti)
    • 450d0f0 docs: fix ignore option docs (#18154) (Francesco Trotta)
    • 5fe095c docs: show v8.57.0 as latest version in dropdown (#18142) (Milos Djermanovic)
    • 7db5bb2 docs: Show prerelease version in dropdown (#18135) (Nicholas C. Zakas)
    • 73a5f06 docs: Update README (GitHub Actions Bot)
    • f95cd27 docs: Disallow multiple rule configuration comments in the same example (#18116) (Milos Djermanovic)
    • d8068ec docs: Update link for schema examples (#18112) (Svetlana)
    • f1c7e6f docs: Switch to Ethical Ads (#18090) (Strek)
    • 15c143f docs: JS Foundation -> OpenJS Foundation in PR template (#18092) (Nicholas C. Zakas)
    • 6ea339e docs: add stricter rule test validations to v9 migration guide (#18085) (Milos Djermanovic)
    • 3c816f1 docs: use relative link from CLI to core concepts (#18083) (Milos Djermanovic)
    • 9458735 docs: fix malformed eslint config comments in rule examples (#18078) (Francesco Trotta)
    • 07a1ada docs: link from --fix CLI doc to the relevant core concept (#18080) (Bryan Mishkin)
    • b844324 docs: Update team responsibilities (#18048) (Nicholas C. Zakas)
    • aadfb60 docs: document languageOptions and other v9 changes for context (#18074) (fnx)
    • 857e242 docs: tweak explanation for meta.docs rule properties (#18057) (Bryan Mishkin)
    • 10485e8 docs: recommend messageId over message for reporting rule violations (#18050) (Bryan Mishki...

@Omrisnyk
Owner Author

Omrisnyk commented Oct 6, 2024

🎉 Snyk hasn't found any issues so far.

code/snyk check is completed. No issues were found. (View Details)
