Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade parse-server from 4.1.0 to 4.2.0 #13

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade parse-server from 4.1.0 to 4.2.0 #13

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Apr 9, 2020

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity Insecure Randomness
SNYK-JS-CRYPTOJS-548472		 No No Known Exploit
Commit messages
Package name: parse-server The new version differs by 46 commits.
  • 1045eeb Prep release 4.2 (#6560)
  • dcba8e0 Case insensitive username and email indexing and query planning for Postgres (#6506)
  • a8a367e Update pg-promise to the latest version 🚀 (#6555)
  • 3625b37 Update eslint-plugin-flowtype to the latest version 🚀 (#6536)
  • 7121ea0 Fixed issue that prevented Postgres Tests from passing locally and on any port other than 5432 in travis (#6531)
  • a9dba44 Add file triggers and file meta data (#6344)
  • d48de7d Update graphql to the latest version 🚀 (#6558)
  • d52d35b Update lint-staged to the latest version 🚀 (#6550)
  • 384c2a9 Update parse to the latest version 🚀 (#6548)
  • 63a3fea Update lint-staged to the latest version 🚀 (#6547)
  • 958c706 Update apollo-upload-client to the latest version 🚀 (#6546)
  • 5d653d9 Update lint-staged to the latest version 🚀 (#6533)
  • 4d44edb Update follow-redirects to the latest version 🚀 (#6545)
  • 19dea5b Fix aggregate geoNear with date query (#6540)
  • 13bda61 Update prettier to the latest version 🚀 (#6532)
  • b6506de Fix (#6507)
  • 255cb15 GraphQL: Handle properly keys for pointer fields (#6499)
  • 312a4bc Switch ACL to Relay Global Id (#6495)
  • 1b8f057 GraphQL: Change Order Enum Strategy (#6515)
  • c178acd fixing enableExpressErrorHandler logic (#6423)
  • 927676b Updating Postgres/Postgis Call and Postgis to 3.0 (#6528)
  • b60502d Instagram: Support passing in API url (#6398)
  • beecedb Update prettier to the latest version 🚀 (#6525)
  • dd2b64e updated 2 files for allowing multiple client ids (#6523)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot