[Snyk] Upgrade: async, bcrypt, eslint, express-session, moment, mongoose, passport, winston #349
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
async
from 3.2.2 to 3.2.6 | 4 versions ahead of your current version | a month ago
on 2024-08-19
bcrypt
from 5.0.1 to 5.1.1 | 2 versions ahead of your current version | a year ago
on 2023-08-16
eslint
from 9.0.0 to 9.9.1 | 11 versions ahead of your current version | a month ago
on 2024-08-23
express-session
from 1.17.1 to 1.18.0 | 3 versions ahead of your current version | 8 months ago
on 2024-01-28
moment
from 2.29.1 to 2.30.1 | 5 versions ahead of your current version | 9 months ago
on 2023-12-27
mongoose
from 5.13.20 to 5.13.22 | 2 versions ahead of your current version | 9 months ago
on 2024-01-02
passport
from 0.3.2 to 0.7.0 | 8 versions ahead of your current version | 10 months ago
on 2023-11-27
winston
from 3.3.3 to 3.14.2 | 20 versions ahead of your current version | a month ago
on 2024-08-14
Issues fixed by the recommended upgrade:
SNYK-JS-MOMENT-2440688
SNYK-JS-MOMENT-2944238
SNYK-JS-PASSPORT-2840631
Release notes
Package name: async
Version 3.2.6
Version 3.2.5
Version 3.2.4
Version 3.2.3
Version 3.2.2
Package name: bcrypt
What's Changed
New Contributors
Full Changelog: v5.1.0...v5.1.1
What's Changed
New Contributors
Full Changelog: v5.0.1...v5.1.0
Update
node-pre-gyp
to 1.0.0Package name: eslint
Bug Fixes
9bde90c
fix: add logic to handlefixTypes
inlintText()
(#18736) (Amaresh S M)Documentation
4840930
docs: Update README with version support and clean up content (#18804) (Nicholas C. Zakas)f61f40d
docs: Update globals examples (#18805) (Nicholas C. Zakas)241fcea
docs: Use and define languages (#18795) (Nicholas C. Zakas)5dbdd63
docs: eslint-plugin-markdown -> @ eslint/markdown (#18797) (Nicholas C. Zakas)c6c8ddd
docs: update links to eslint-visitor-keys repo (#18796) (Francesco Trotta)f981d05
docs: Update README (GitHub Actions Bot)b516974
docs: update links toeslint/js
repo (#18781) (Francesco Trotta)fb7a3f5
docs: update note for package managers (#18779) (Jay)Chores
b0c34d0
chore: upgrade to @ eslint/js@9.9.1 (#18809) (Francesco Trotta)cd5a0da
chore: package.json update for @ eslint/js release (Jenkins)e112642
refactor: Extract parsing logic from Linter (#18790) (Nicholas C. Zakas)0f68a85
chore: use eslint-plugin-yml on yaml files only (#18801) (Milos Djermanovic)f8d1b3c
chore: update dependencies for browser tests (#18794) (Christian Bromann)aed2624
chore: update dependency @ eslint/config-array to ^0.18.0 (#18788) (renovate[bot])5c29128
chore: update dependency @ eslint/core to ^0.4.0 (#18789) (renovate[bot])5d66fb2
chore: migrate linting workflow to use trunk check meta-linter (#18643) (Chris Clearwater)bf96855
chore: add ids to github issue templates (#18775) (Strek)Features
41d0206
feat: Add support for TS config files (#18134) (Arya Emami)3a4eaf9
feat: add suggestion torequire-await
to removeasync
keyword (#18716) (Dave)Documentation
9fe068c
docs: how to author plugins with configs that extend other configs (#18753) (Alec Gibson)48117b2
docs: add version support page in the side navbar (#18738) (Amaresh S M)fec2951
docs: add version support page to the dropdown (#18730) (Amaresh S M)38a0661
docs: Fix typo (#18735) (Zaina Al Habash)3c32a9e
docs: Update yarn command for creating ESLint config (#18739) (Temitope Ogunleye)f9ac978
docs: Update README (GitHub Actions Bot)Chores
461b2c3
chore: upgrade to@ eslint/js@9.9.0
(#18765) (Francesco Trotta)59dba1b
chore: package.json update for @ eslint/js release (Jenkins)fea8563
chore: update dependency @ eslint/core to ^0.3.0 (#18724) (renovate[bot])aac191e
chore: update dependency @ eslint/json to ^0.3.0 (#18760) (renovate[bot])b97fa05
chore: update wdio dependencies for more stable tests (#18759) (Christian Bromann)Features
13d0bd3
feat: Add and use SourceCode#getLoc/getRange (#18703) (Nicholas C. Zakas)Bug Fixes
ab0ff27
fix: Throw error when invalid flags passed (#18705) (Nicholas C. Zakas)70dc803
fix:basePath
directory can never be ignored (#18711) (Milos Djermanovic)Documentation
282df1a
docs: Add system theme option (#18617) (Amaresh S M)53b1ff0
docs: Debug config docs (#18698) (Nicholas C. Zakas)a7016a5
docs: fix search input stylings (#18682) (Amaresh S M)Build Related
4514424
build: Enable JSON linting (#18681) (Nicholas C. Zakas)Chores
deee448
chore: upgrade to@ eslint/js@9.8.0
(#18720) (Francesco Trotta)4aaf2b3
chore: package.json update for @ eslint/js release (Jenkins)8e1a627
chore: update dependency @ eslint/core to ^0.2.0 (#18700) (renovate[bot])Features
7bd9839
feat: add support for es2025 duplicate named capturing groups (#18630) (Yosuke Ota)1381394
feat: addregex
option inno-restricted-imports
(#18622) (Nitin Kumar)Bug Fixes
14e9f81
fix: destructuring in catch clause inno-unused-vars
(#18636) (Francesco Trotta)Documentation
9f416db
docs: Add Powered by Algolia label to the search. (#18633) (Amaresh S M)c8d26cb
docs: Open JS Foundation -> OpenJS Foundation (#18649) (Milos Djermanovic)6e79ac7
docs:loadESLint
does not support optioncwd
(#18641) (Francesco Trotta)Chores
793b718
chore: upgrade @ eslint/js@9.7.0 (#18680) (Francesco Trotta)7ed6f9a
chore: package.json update for @ eslint/js release (Jenkins)7bcda76
refactor: Add type references (#18652) (Nicholas C. Zakas)51bf57c
chore: add tech sponsors through actions (#18624) (Strek)6320732
refactor: don't useparent
property inNodeEventGenerator
(#18653) (Milos Djermanovic)9e6d640
refactor: move "Parsing error" prefix adding to Linter (#18650) (Milos Djermanovic)Features
e2b16e2
feat: Implement feature flags (#18516) (Nicholas C. Zakas)8824aa1
feat: addecmaVersion: 2025
, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)Bug Fixes
1613e2e
fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)21d3766
fix:no-unused-vars
include caught errors pattern in report message (#18609) (Kirk Waiblinger)d7a7736
fix: improveno-unused-vars
message on unused caught errors (#18608) (Kirk Waiblinger)f9e95d2
fix: correct locations of invalid/* eslint */
comments (#18593) (Milos Djermanovic)Documentation
13dbecd
docs: Limit search to just docs (#18627) (Nicholas C. Zakas)375227f
docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)44915bb
docs: Update README (GitHub Actions Bot)d50db7b
docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)Chores
b15ee30
chore: upgrade @ eslint/js@9.6.0 (#18632) (Milos Djermanovic)d655503
chore: package.json update for @ eslint/js release (Jenkins)7c78ad9
refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)69ff64e
refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)d2d06f7
refactor: use/
separator when adjustingignorePatterns
on Windows (#18613) (Milos Djermanovic)6421973
refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)0a13539
refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)c7ddee0
chore: make internal-rules not being a package (#18601) (Milos Djermanovic)3379164
chore: remove.eslintrc.js
(#18011) (唯然)d0c3a32
chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)Features
b2d256c
feat:no-sparse-arrays
report on "comma" instead of the whole array (#18579) (fisker Cheung)Bug Fixes
6880286
fix: treat*
as a universal pattern (#18586) (Milos Djermanovic)7fbe211
fix: message template for all files ignored (#18564) (Milos Djermanovic)469cb36
fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)5cff638
fix: improve message for ignored files without a matching config (#18404) (Francesco Trotta)Documentation
455f7fd
docs: add section about including.gitignore
files (#18590) (Milos Djermanovic)721eafe
docs: update info about universalfiles
patterns (#18587) (Francesco Trotta)8127127
docs: Update README (GitHub Actions Bot)55c2a66
docs: Update README (GitHub Actions Bot)eb76282
docs: Update README (GitHub Actions Bot)ff6e96e
docs:baseConfig
andoverrideConfig
can be arrays (#18571) (Milos Djermanovic)d2d83e0
docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)9ce6832
docs: add callout box for unintuitive behavior (#18567) (Ben McCann)b8db99c
docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)518a35c
docs: Mention config migrator (#18561) (Nicholas C. Zakas)eb440fc
docs: specifying files with arbitrary or no extension (