Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #62

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

donfn
Copy link
Contributor

@donfn donfn commented Dec 27, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 658/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-6124857
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @poiw/saffron The new version differs by 33 commits.
  • 61c7264 Merge pull request #73 from poiw-org/refactor
  • abb6940 Fix test errors
  • f5224d9 Fixed merge errors
  • 4215bef Removed docker from package.json
  • b202a56 HTML doc examples
  • 5a50f75 Replaced let with const
  • e3a7ad1 Finished HTML docs and added static option
  • 9c91ac5 Wordpress path customization, added request headers option and minor changes
  • 69dc4fa Optmized import and lint code
  • 9432986 Check for duplicates in keys and started html documentaion
  • 6ceb3ac Refactored html parser and optimized cleanupHTMLText
  • caa7e49 Created type for source.scrape
  • 4ff1649 Moved alias assignment to worker
  • 590acff Fixed parser errors and added docs for dynamic parser
  • df39f25 Fixed RSS and some minor changes
  • d047592 Added WordPress v2 documentation
  • d29d397 Added tsconfig importsNotUsedAsValues as error
  • 0263735 Edited events
  • a723ccb FIxed config.test
  • 1e91d21 Updated workflows and packages
  • c6dd6ce Renamed config options and added more documentaion
  • 238cc9f Finished with tests and started documentation
  • 4637408 Fixed grid added eventDelay option and added more tests
  • 33bd955 Added and fixed tests

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants