[Snyk] Upgrade: adm-zip, ms, cfenv, consolidate, dustjs-helpers, errorhandler, express-session, hbs, jquery, marked, mongoose, stream-buffers, typeorm, validator #4
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
adm-zip
from 0.5.2 to 0.5.16 | 14 versions ahead of your current version | 22 days ago
on 2024-08-30
ms
from 2.0.0 to 2.1.3 | 4 versions ahead of your current version | 4 years ago
on 2020-12-08
cfenv
from 1.2.2 to 1.2.4 | 2 versions ahead of your current version | 3 years ago
on 2021-04-07
consolidate
from 0.14.5 to 0.16.0 | 3 versions ahead of your current version | 4 years ago
on 2020-09-08
dustjs-helpers
from 1.5.0 to 1.7.4 | 9 versions ahead of your current version | 7 years ago
on 2017-12-09
errorhandler
from 1.5.0 to 1.5.1 | 1 version ahead of your current version | 5 years ago
on 2019-05-09
express-session
from 1.17.2 to 1.18.0 | 2 versions ahead of your current version | 8 months ago
on 2024-01-28
hbs
from 4.1.2 to 4.2.0 | 1 version ahead of your current version | 3 years ago
on 2021-11-17
jquery
from 3.5.0 to 3.7.1 | 8 versions ahead of your current version | a year ago
on 2023-08-28
marked
from 4.0.10 to 4.3.0 | 25 versions ahead of your current version | a year ago
on 2023-03-22
mongoose
from 5.13.20 to 5.13.22 | 2 versions ahead of your current version | 9 months ago
on 2024-01-02
stream-buffers
from 3.0.2 to 3.0.3 | 1 version ahead of your current version | 3 months ago
on 2024-06-17
typeorm
from 0.3.18 to 0.3.20 | 17 versions ahead of your current version | 8 months ago
on 2024-01-26
validator
from 13.7.0 to 13.12.0 | 3 versions ahead of your current version | 4 months ago
on 2024-05-09
Issues fixed by the recommended upgrade:
SNYK-JS-UNDERSCORE-1080984
Release notes
Package name: adm-zip
What's Changed
New Contributors
Full Changelog: v0.5.15...v0.5.16
What's Changed
New Contributors
Full Changelog: v0.5.14...v0.5.15
Fixed an issue introduced on version 0.5.13 requiring a new mandatory parameter on the inflater on nodejs version >= 15
Fixed extraction error
v0.5.9
v0.5.8
v0.5.7
Package name: ms
Patches
Credits
Huge thanks to @ getsnoopy for helping!
Patches
10-.5
is invalid input: #117Credits
Huge thanks to @ yuler and @ 7ma7X for helping!
Patches
Credits
Huge thanks to @ thevtm for helping!
Minor Changes
Patches
Credits
Huge thanks to @ yoavmmn and @ binki for helping!
Major Changes
Patches
Credits
Huge thanks to @ karenyavine for their help!
Package name: cfenv
No content.
version 1.2.3
No content.
Package name: consolidate
Package name: dustjs-helpers
Version 1.7.4
Version 1.7.3
Version 1.7.2
Version 1.7.1
Notable Changes
{@ select}
New behavior:
key
is no longer required. If it is not provided,key
must be present on individual truth tests inside the select block.type
can be attached to the select to apply it to all truth tests inside (and a truth test can override the type)undefined
and atype
is provided, the undefined value will be cast totype
.{@ default}
{@ default}
has been removed after being deprecated in 1.6.You can replace
{@ default}
with{@ none}
in your templates without any change in functionality (but you can have more than one{@ none}
block, and only one{@ default}
was allowed.){@ size}
{@ size}
will evaluate Dust template strings and provide the size of the result.{@ math}
{@ any}
and{@ none}
now work inside{@ math}
blocks.Notable Changes
dust.makeBase
in Dust <= 2.6.2 (most commonly seen if you use Adaro)Notable Changes
{@ select}
state handling.Version 1.6.1
The helpers can now be included as an AMD module alongside Dust 2.6.0 or newer.
New helpers:
{@ any}
, which executes if any truth test in a{@ select}
block passes.{@ none}
, the opposite{@ first}
, executes on the first iteration of a loop{@ last}
... you get the ideaRemoved helpers: https://github.com/linkedin/dustjs-helpers/wiki/Deprecated-Features
{@ if}
(use other truth test helpers or context helpers instead){@ idx}
(use {$idx}, a Dust core built-in, insteadPackage name: errorhandler
Package name: express-session
partitioned
tocookie
optionspriority
tocookie
optionssecret
thatcrypto.createHmac
supportsexpires
option to reject invalid datesres.end
patch to always commit headersPackage name: hbs
v4.2.0
v4.1.2
Package name: jquery
https://blog.jquery.com/2023/08/28/jquery-3-7-1-released-reliable-table-row-dimensions/
https://blog.jquery.com/2023/05/11/jquery-3-7-0-released-staying-in-order/
https://blog.jquery.com/2023/03/08/jquery-3-6-4-released-selector-forgiveness/
https://blog.jquery.com/2022/12/20/jquery-3-6-3-released-a-quick-selector-fix/
https://blog.jquery.com/2022/12/13/jquery-3-6-2-released/
https://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/
https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/
3.5.1
Package name: marked
4.3.0 (2023-03-22)
Bug Fixes
Features
4.2.12 (2023-01-14)
Sorry for all of the quick releases. We were testing out different ways to build the files for releases. v4.2.5 - v4.2.12 have no changes to how marked works. The only addition is the version number in the comment in the build files.
Bug Fixes
4.2.11 (2023-01-14)
Bug Fixes
4.2.10 (2023-01-14)
Bug Fixes
4.2.9 (2023-01-14)
Bug Fixes
4.2.8 (2023-01-14)
Bug Fixes
4.2.7 (2023-01-14)
Bug Fixes
4.2.6 (2023-01-14)
Bug Fixes
4.2.5 (2022-12-23)
Bug Fixes
4.2.4 (2022-12-07)
Bug Fixes
Package name: mongoose
Package name: stream-buffers
3.0.3
3.0.2
Package name: typeorm
Bug Fixes
Features
Reverts
Bug Fixes
Cannot read properties of undefined (reading 'sync')
caused after glob package upgrade