Skip to content

[Snyk] Fix for 1 vulnerabilities#6

Open
enterstudio wants to merge 1 commit intomasterfrom
snyk-fix-69a2068eed6054103c2a6d08538ebbf1
Open

[Snyk] Fix for 1 vulnerabilities#6
enterstudio wants to merge 1 commit intomasterfrom
snyk-fix-69a2068eed6054103c2a6d08538ebbf1

Conversation

@enterstudio
Copy link
Owner

@enterstudio enterstudio commented Jan 10, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 461/1000
Why? Recently disclosed, Has a fix available, CVSS 3.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-DEBUG-3227433		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: debug The new version differs by 43 commits.

See the full diff

Package name: github The new version differs by 236 commits.
  • 1667120 fix(package): update follow-redirects to version 1.2.6
  • 309e66e docs(README): fixlink to promise example (build(deps): bump glob from 13.0.0 to 13.0.1 nodejs/github-bot#651)
  • 072a53f fix: routes.json validation for project cards and columns
  • 8973c5e test: project cards
  • 9110ae1 chore(package): @ octokit/fixtures@^5.0.0
  • be1d098 fix: TypeScript/Flow definitions
  • 733f63e chore(package): update @ octokit/fixtures to version 4.1.0
  • 4ce5ad7 test: examples
  • 2c4bdd6 docs(examples): adapt for standard and testing
  • ea9b23a docs(README): set `EXAMPLES_GITHUB_TOKEN` for testing
  • f839777 chore(gitignore): .env
  • 4870f1c chore(package): ignore nyc coverage in examples
  • c130ca9 chore(package): dotenv, glob, proxyquire
  • 03c03f7 refactor: move defines from `routes.json` into separate `definitions.json` file
  • 72bff1e chore: remove unused `Util.isFalse()`
  • d8a2903 refactor: remove `Util.isTrue`
  • db4ecd1 chore: replace `Util.toCamelCase` with `lodash/camelCase`
  • 42d4c35 chore(package): lodash
  • 59887ad chore: remove unused `upper` argument from `Util.toCamelCase`
  • 29d7ead chore: remove unused Util.escapeRegExp method
  • b646d53 chore: remove obsolete doc/apidoc.js file
  • cf91047 chore(package): generate flow/typescript definition files before releasing
  • a6ec889 refactor: move scripts from `lib/` to `scripts/` folder
  • aff85ff chore(gitignore): lib/index.d.ts, lib/index.js.flow

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

@snyk-bot
fix: package.json to reduce vulnerabilities
669a856 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DEBUG-3227433
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@enterstudio @snyk-bot