Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #12

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

maniator
Copy link
Owner

@maniator maniator commented Jan 9, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 461/1000
Why? Recently disclosed, Has a fix available, CVSS 3.5
Regular Expression Denial of Service (ReDoS)
SNYK-JS-DEBUG-3227433
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: debug The new version differs by 43 commits.

See the full diff

Package name: electron-packager The new version differs by 250 commits.

See the full diff

Package name: github The new version differs by 142 commits.
  • 1667120 fix(package): update follow-redirects to version 1.2.6
  • 309e66e docs(README): fixlink to promise example (#651)
  • 072a53f fix: routes.json validation for project cards and columns
  • 8973c5e test: project cards
  • 9110ae1 chore(package): @ octokit/fixtures@^5.0.0
  • be1d098 fix: TypeScript/Flow definitions
  • 733f63e chore(package): update @ octokit/fixtures to version 4.1.0
  • 4ce5ad7 test: examples
  • 2c4bdd6 docs(examples): adapt for standard and testing
  • ea9b23a docs(README): set `EXAMPLES_GITHUB_TOKEN` for testing
  • f839777 chore(gitignore): .env
  • 4870f1c chore(package): ignore nyc coverage in examples
  • c130ca9 chore(package): dotenv, glob, proxyquire
  • 03c03f7 refactor: move defines from `routes.json` into separate `definitions.json` file
  • 72bff1e chore: remove unused `Util.isFalse()`
  • d8a2903 refactor: remove `Util.isTrue`
  • db4ecd1 chore: replace `Util.toCamelCase` with `lodash/camelCase`
  • 42d4c35 chore(package): lodash
  • 59887ad chore: remove unused `upper` argument from `Util.toCamelCase`
  • 29d7ead chore: remove unused Util.escapeRegExp method
  • b646d53 chore: remove obsolete doc/apidoc.js file
  • cf91047 chore(package): generate flow/typescript definition files before releasing
  • a6ec889 refactor: move scripts from `lib/` to `scripts/` folder
  • aff85ff chore(gitignore): lib/index.d.ts, lib/index.js.flow

See the full diff

Package name: tabtab The new version differs by 79 commits.
  • db75a56 test: ensure test run on travis
  • 3fefe80 3.0.2
  • c18b614 docs: update doc files
  • 23907cd feat: add tabtab.uninstall()
  • 0b00ccd 3.0.1-beta
  • c48223a example: adding uninstall-completion to example
  • 399a3da npm: remove assert-rejects
  • 1fdaa8c test: fixing test for node 7 / 8
  • e477705 test: fixing test
  • a598965 readme: fix badge for the branch
  • e143f80 Begin to write uninstall method
  • c2aedd8 Fixing check of filename when installing
  • 5447c9c 3.0.0-beta
  • d457524 readme: animated gif
  • c01b443 node: support for version 10, 8 and 7
  • e4854d9 readme: simple fix
  • 6c53559 readme: simple fix
  • c6aca5e readme: update toc
  • 0d0d497 readme: update documentation
  • 7841135 test: update example
  • c7770d4 test: remove bin and scripts/completion.sh
  • 036d9c0 feat: avoid adding multiple lines to SHELL scripts
  • 12d5897 log: better handling of descriptions
  • fae0553 example: remove completion script, all in one

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DEBUG-3227433
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants