[Snyk] Security upgrade npm from 5.6.0 to 7.0.0 #90
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.
Snyk changed the following file(s):
openshift/message-board/message-board-web/package.json
openshift/message-board/message-board-web/package-lock.json
Vulnerabilities that will be fixed with an upgrade:
SNYK-JS-IP-7148531
Release notes
Package name: npm
v7.0.0 (2020-10-12)
BUG FIXES
7bcdb3636
#1949 fix: ensurepublishConfig
is passed through (@ nlf)97978462e
fix: patchconfig.js
to remove duplicate vals (@ darcyclarke)DOCUMENTATION
60769d757
#1911 docs: v7 npm-install refresh (@ ruyadorno)08de49042
#1938 docs: v7 using npm config updates (@ ruyadorno)DEPENDENCIES
15366a1cf
npm-registry-fetch@8.1.5
f04a74140
init-package-json@2.0.0
1de21dce0
fix: support dot-separated aliases defined in a.npmrc
ini files forinit-*
configs (@ ruyadorno)a67275cd9
eslint@7.11.0
6fb83b78d
hosted-git-info@3.0.6
1ca30cc9b
libnpmfund@1.0.0
28a2d2ba4
@ npmcli/arborist@1.0.0
peerDependencies
in transitive dependencies, so that--force
will always accept a best effort override, and--strict-peer-deps
will fail faster on conflicts.9306c6833
libnpmfund@1.0.1
fafb348ef
npm-package-arg@8.1.0
365f2e756
read-package-json@3.0.0
v7.0.0-rc.4 (2020-10-09)
09b456f2d
@ npmcli/config@1.2.1
npm_config_user_agent
env variable (@ nlf)e859fba9e
#1936 fix npx for non-interactive shells (@ nlf)9320b8e4f
#1906 restore old npx behavior of running existing bins first (@ nlf)7bd47ca2c
@ npmcli/arborist@0.0.33
02737453b
make-fetch-happen@8.0.10
v7.0.0-rc.3 (2020-10-06)
d816c2efa
c8f0d5457
d48086d0d
f34595f2e
#1902 tests for several commands (@ nlf)6d49207db
#1903 Revert "Remove unused npx binary" (@ MylesBorins)138dfc202
set executable permissions on bins that node installer usesb06d68078
@ npmcli/arborist@0.0.32
node_modules
folders from Workspaces whenloadActual
races withbuildIdealTree
(@ ruyadorno)2509e3a1b
uuid@8.3.1
v7.0.0-rc.2 (2020-10-02)
6de81a013
@ npmcli/run-script@1.7.2
v7.0.0-rc.1 (2020-10-02)
281a7f39a
@ npmcli/arborist@0.0.31
npm update
to update bundled root dependenciesbinding.gyp
384f5ec47
update minipass-fetch to fix many 'cb() never called' errors7b1e75906
@ npmcli/run-script@1.7.1
binding.gyp
c20e2f0c7
#1892 Support--omit
options in npm outdatedv7.0.0-rc.0 (2020-10-01)
3b417055c
#1859 fixproxy
andhttps-proxy
config support (@ badeggg)dd7d7a284
@ npmcli/arborist@0.0.30
40c17e12c
cli-table3@0.6.0
47a8ca1d7
byte-size@7.0.0
81073f99a
eslint@7.10.0
67793abd4
eslint-plugin-import@2.22.1
a27e8d006
is-cidr@4.0.2
893fed45e
marked-man@0.7.0
bc20e0c8a
rimraf@3.0.2
a2b8fd3c1
uuid@8.3.0
ee4c85b87
write-file-atomic@3.0.3
4bdad5fdf
bin-links@2.2.1
c394937ec
@ npmcli/run-script@1.7.0
558e9781a
deep-equal2aa9a1f8a
requestd77594e52
npm-registry-couchapp8ec84d9f6
tacksa07b421f7
lincesee41126e165
npm-cache-filename130da51b5
npm-registry-mockb355af486
sprintf-js721c0a873
uid-number9c920e5f5
umaskaae1c38bb
config-chain450845eac
find-npm-prefix963d542d3
has-unicodecad9cbc70
infer-owner3ae02914d
lockfile7bc474d7c
once5c5e0099a
retrycfaddd334
sha3a978ffc7
slidev7.0.0-beta.13 (2020-09-29)
405e051f7
Fix EBADPLATFORM error message (@#1876)e4d911d21
@ npmcli/arborist@0.0.28
90550b2e0
#1853 test coverage and refactor for token command (@ nlf)2715220c9
#1858 #1813 do not include omitted optional dependencies in install output (@ ruyadorno)e225ddcf8
#1862 #1861 respect depth when runningnpm ls <pkg>
(@ ruyadorno)2469ae515
#1870 #1780 Add 'fetch-timeout' config (@ isaacs)52114b75e
#1871 fixnpm ls
for linked dependencies (@ ruyadorno)9981211c0
#1857 #1703 fixnpm outdated
parsing invalid specs (@ ruyadorno)v7.0.0-beta.12 (2020-09-22)
24f3a5448
#1811 npm ci should never save package.json or lockfile (@ isaacs)5e780a5f0
remove unused spec parameter, assign error code (@ nlf)f019a248a
Remove unused npx binary (@ isaacs)db157b3ce
@ npmcli/arborist@0.0.27
strictPeerDeps
option, defaulting tofalse
b3a50d275
#1846@ npmcli/run-script@1.6.0
a1d375f6b
#1819 Add--strict-peer-deps
option (@ isaacs)5837a4843
#1699 Use allow/deny list in docs (@ luciomartinez)v7.0.0-beta.11 (2020-09-16)
63005f4a9
#1639 npm view should not output extra newline (@ MylesBorins)3743a42c8
#1750 add outdated tests (@ claudiahdz)2019abdf1
#1786 add lib/link.js tests (@ ruyadorno)2f8d11968
@ npmcli/arborist@0.0.25
49b2bf5a7
@ npmcli/config@1.1.8
f9aac351d
libnpmversion@1.0.5
v7.0.0-beta.10 (2020-09-08)
7418970f0
Improve output of dependency node explanations5e49bdaa3
#1776 Add 'npm explain' commandImportant
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Server-Side Request Forgery (SSRF)