wechat-jssdk icon indicating copy to clipboard operation
wechat-jssdk copied to clipboard

Published 20 hours ago verified publisher icon JasonBoy

[Snyk] Security upgrade debug from 4.1.1 to 4.3.1

Open JasonBoy opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 506/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7		 Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: debug The new version differs by 34 commits.
  • 0d3d66b 4.3.1
  • b6d12fd fix regression
  • 3f56313 4.3.0
  • e2d3bc9 add deprecation notice for debug.destroy()
  • 72e7f86 fix memory leak within debug instance
  • 27152ca add test for enable/disable of existing instances
  • 22e13fe fix quoted percent sign
  • 80ef62a 4.2.0
  • 09914af Marks supports-color as an *optional* peer dependency
  • db306db Update and pin ms to 2.1.2
  • 6b07f9e Fixes: Unable to take control over selectColor #747
  • 0c1d518 remove dead code and fix lowercase comment (for linter)
  • 4acdeed run linter inside of test script
  • 3f4d724 Add "engines" to `package.json` (#680)
  • 608fca9 Update ISSUE_TEMPLATE.md
  • 5c7c61d fix links in issue templates
  • 976f8d2 add issue and pull request templates
  • 982c12c test: only run coveralls on travis
  • 825d35a copy custom logger to namespace extension (fixes #646)
  • 5528572 use console.debug() in browser when available (closes #600)
  • c0127b1 remove examples folder (closes #650)
  • 94583b6 remove build system (closes #652)
  • 0e94034 update development dependencies
  • ad551e2 add Josh Junon to contributors

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

JasonBoy avatar Dec 08 '23 14:12 JasonBoy