koa-rest-api-boilerplate
koa-rest-api-boilerplate copied to clipboard
posquit0
[Snyk] Fix for 10 vulnerabilities
Snyk has created this PR to fix 10 vulnerabilities in the yarn dependencies of this project.
Snyk changed the following file(s):
package.jsonyarn.lock
Note for zero-installs users
If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.
Vulnerabilities that will be fixed with an upgrade:
| Issue | Score | |
|---|---|---|
 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106 |
738 |
 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795 |
696 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539 |
589 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355 |
586 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783 |
586 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067 |
586 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599 |
586 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601 |
586 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602 |
586 |
 |
Regular Expression Denial of Service (ReDoS) npm:debug:20170905 |
506 |
[!IMPORTANT]
- Check the changes in this PR to ensure they won't cause issues with your project.
- Max score is 1000. Note that the real score may have changed since the PR was raised.
- This PR was automatically created by Snyk using the credentials of a real user.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"elastic-apm-node","from":"3.14.0","to":"3.49.0"},{"name":"got","from":"9.6.0","to":"12.6.0"},{"name":"koa-router","from":"7.4.0","to":"13.0.1"},{"name":"swagger-jsdoc","from":"6.1.0","to":"6.2.6"}],"env":"prod","issuesToFix":[{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HOSTEDGITINFO-1088355","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-NORMALIZEURL-1296539","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-PATHPARSE-1077067","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-PATHTOREGEXP-7925106","priority_score":738,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-SEMVER-3247795","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-SEMVER-3247795","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-SEMVER-3247795","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-VALIDATOR-1090599","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-VALIDATOR-1090601","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-VALIDATOR-1090602","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"npm:debug:20170905","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"}],"prId":"80e83530-e733-4dc3-9ae9-9337ac82cf77","prPublicId":"80e83530-e733-4dc3-9ae9-9337ac82cf77","packageManager":"yarn","priorityScoreList":[586,586,589,586,738,696,586,586,586,506],"projectPublicId":"6ca6dfee-fef2-42af-9018-bd9819eb0110","projectUrl":"https://app.snyk.io/org/posquit0/project/6ca6dfee-fef2-42af-9018-bd9819eb0110?utm_source=github&utm_medium=referral&page=fix-pr","prType":"fix","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-HOSTEDGITINFO-1088355","SNYK-JS-HTTPCACHESEMANTICS-3248783","SNYK-JS-NORMALIZEURL-1296539","SNYK-JS-PATHPARSE-1077067","SNYK-JS-PATHTOREGEXP-7925106","SNYK-JS-SEMVER-3247795","SNYK-JS-VALIDATOR-1090599","SNYK-JS-VALIDATOR-1090601","SNYK-JS-VALIDATOR-1090602","npm:debug:20170905"],"vulns":["SNYK-JS-HOSTEDGITINFO-1088355","SNYK-JS-HTTPCACHESEMANTICS-3248783","SNYK-JS-NORMALIZEURL-1296539","SNYK-JS-PATHPARSE-1077067","SNYK-JS-PATHTOREGEXP-7925106","SNYK-JS-SEMVER-3247795","SNYK-JS-VALIDATOR-1090599","SNYK-JS-VALIDATOR-1090601","SNYK-JS-VALIDATOR-1090602","npm:debug:20170905"],"patch":[],"isBreakingChange":true,"remediationStrategy":"vuln"}'
