cypress-cucumber-preprocessor Security vulnerability in undici@5.28.4

Security vulnerability in [email protected]

Open b-bly opened this issue 9 months ago • 0 comments

Current behavior

Snyk is reporting:

Insecure Randomness [High Severity][https://security.snyk.io/vuln/SNYK-JS-UNDICI-8641354] in [email protected]
    introduced by @badeball/[email protected] > [email protected] > @actions/[email protected] > @actions/[email protected] > [email protected]
  This issue was fixed in versions: 5.28.5, 6.21.1, 7.2.3

When github actions/http-client is updated with [email protected], and then find-cypress-specs is updated, then cypress-cucumber-preprocessor can be updated.

See:

https://github.com/actions/toolkit/issues/1939

Desired behavior

Update find-cypress-specs version when child dependency [email protected] is updated.

Cypress version

Preprocessor version

22.0.0

Node version

22.14.0

Operating system

Mac Sonoma 14.7.1

Checklist

[x] I've read the FAQ.
[x] I've read instructions for logging issues.
[x] I'm not using [email protected] (package name has changed and it is no longer the most recent version, see #689).

Feb 18 '25 17:02 b-bly

cypress-cucumber-preprocessor cypress-cucumber-preprocessor copied to clipboard

Security vulnerability in [email protected]

Current behavior

Desired behavior

Cypress version

Preprocessor version

Node version

Operating system

Checklist

cypress-cucumber-preprocessor
cypress-cucumber-preprocessor copied to clipboard