[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.8.1 #34

zygisk-topjohnu · 2024-10-11T15:36:33Z

Snyk has created this PR to upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.8.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 24 versions ahead of your current version.
The recommended version was released 23 days ago, on 2024-09-18.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-NODEFETCH-2342118	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @redhat-developer/vscode-redhat-telemetry

0.8.1 - 2024-09-18
Bumps dset from 3.1.2 to 3.1.4.
- Release notes
- Commits
updated-dependencies:
- dependency-name: dset
  dependency-type: indirect
  ...
Signed-off-by: dependabot[bot] support@github.com
0.8.0 - 2024-05-23
Signed-off-by: Fred Bricon fbricon@gmail.com
0.7.1 - 2023-11-13
Signed-off-by: Fred Bricon fbricon@gmail.com
0.7.0 - 2023-08-29
The function 'getPlatform' is used before its definition. At that point,
the global variable 'linuxes' is not yet initialised, resulting in
errors.

By moving all exports to the bottom, this problem should be fixed.
0.6.1 - 2023-03-28
Signed-off-by: Fred Bricon fbricon@gmail.com
0.6.0 - 2023-03-15
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.4 - 2023-01-04
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.3 - 2023-01-04
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.2 - 2022-11-17
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.1 - 2022-11-15
0.5.0 - 2022-11-14
0.4.3 - 2022-07-29
0.4.2 - 2021-09-21
0.4.1 - 2021-09-21
0.4.0 - 2021-09-17
0.3.0 - 2021-09-16
0.2.0 - 2021-06-22
0.1.1 - 2021-06-08
0.1.0 - 2021-06-08
0.0.18 - 2021-04-27
0.0.17 - 2021-04-26
0.0.16 - 2021-04-26
0.0.15 - 2021-03-30
0.0.14 - 2021-03-30
0.0.13 - 2021-02-08

from @redhat-developer/vscode-redhat-telemetry GitHub release notes

Commit messages

Package name: @redhat-developer/vscode-redhat-telemetry

18784ce Bump dset from 3.1.2 to 3.1.4
27243d4 Update Github Actions
2342c3e Bump version to 0.8.1
6a2f7a0 Replace axios with NodeJS 18 `fetch()`
b010a98 Disable telemetry for XML, YAML, DA
d5737dc Add daily limits support for events (1 startup/day)
82034e5 'npm audit fix' changes
f3d2d4d Limit vscode-xml's document.server.open to 10% of users
023fc09 Disable shutdown event, throttle Analytics to 50% users
5a6fd93 Throttle vscode-xml and vscode-java telemetry by 50%
e41c71d Throttle vscode-yaml telemetry by 50% (updates logo fabric8-analytics/fabric8-analytics-vscode-extension#49)
5701925 Bump follow-redirects from 1.15.3 to 1.15.4
f451c20 Don't sanitize technical properties
f00d4ac Upgrade Axios to 1.6.0
f68a5d7 Only include 0.3% of all 'textCompletion' events from 'redhat.java'.
02db55f Prevent initialisation errors on Linux
66930fd Fine-tune ratio precision up to 0.01%
2cc060d Fix the textCompletion telemetry filter.
f9724d1 Only include 30% of all 'textCompletion' events from 'redhat.java'.
9655bbe Don't use ESM version of os-locale
8816d8b Allow configuration of ratio per event
631a25d Typo in readme
03ef92b Bump webpack to 5.76.1
50ceacb Fix webworker example

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

… 0.8.1 Snyk has created this PR to upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.8.1. See this package in npm: https://www.npmjs.com/package/@redhat-developer/vscode-redhat-telemetry See this project in Snyk: https://app.snyk.io/org/aimanbinggo/project/dae255e1-e66d-424f-a782-f66e3b553499?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.8.1 #34

[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.8.1 #34

zygisk-topjohnu commented Oct 11, 2024

[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.8.1 #34

Are you sure you want to change the base?

[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.8.1 #34

Conversation

zygisk-topjohnu commented Oct 11, 2024

Snyk has created this PR to upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.8.1.