[Snyk] Security upgrade github from 7.3.2 to 12.0.0 #7

Open
enterstudio wants to merge 1 commit into master from snyk-fix-bcfb10f3aca2212b9f0d0c654f89bbc6

@enterstudio
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:

| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS), SNYK-JS-SEMVER-3247795 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: github
The new version differs by 207 commits.
  • e6a0950 docs(CONTRIBUTING): Merging the Pull Request & releasing a new version
  • bc32299 chore: remove CHANGELOG.md - moved to GitHub releases
  • 1f9216c chore(travis): semantic-release setup
  • 68e5367 chore(package): semantic-release setup
  • 493473c chore(gitignore): package-lock.json
  • 2abb33f chore(package): remove package-lock.json
  • f74b2f8 docs(readme): add Greenkeeper badge
  • cab5531 chore(package): update dependencies
  • f4845cf chore(package): nyc & coveralls
  • 4bcc50b docs(README): add coverage badge
  • 70ed5de chore(travis): upload coverage after success
  • c088e0f chore(gitignore): .nyc_output, coverage
  • 887a8ab chore(package): add @ gr2m to contributors
  • a2738dc chore(examples): rename repo owner to octokit
  • ad9907b chore(CONTRIBUTING): rename repo owner to octokit
  • c74aac5 style: standard
  • f67b1d3 style(scripts): remove trailing spaces in comments
  • 439bf32 docs(examples): adapt for standard linter
  • 04661e6 docs(README): adapt examples to standard linter
  • d106fd8 chore(package): standard, standard-markdown
  • e8bcb8f chore(package): @ octokit/fixtures@^2.4.0
  • 106b422 test: lock/unlock issue
  • 1ade57a chore: remove obsolete comments
  • 155a211 test: branch protection

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795