Server icon indicating copy to clipboard operation
Server copied to clipboard

Published 20 hours ago verified publisher icon MediaButler

[Snyk] Security upgrade trakt.tv from 7.0.0 to 8.1.0

Open vertig0ne opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 556/1000
Why? Recently disclosed, Has a fix available, CVSS 5.4		 Open Redirect
SNYK-JS-GOT-2932019		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: trakt.tv The new version differs by 29 commits.
  • 88b2569 release 8.1.0
  • c4a39d4 update got
  • dbbff30 remove sanitizer
  • 6b4f0d7 ignore package-lock.json
  • 90dfc31 update methods as of 24/10/2021
  • 2a556be update methods for 8.0.0
  • 0589e6d update package to 8.0
  • 1904987 update code for got>10
  • 72d3e5a update 'got' to 10.6
  • b271f58 may 22, 2019: add new method /episodes/people
  • df38d26 may 22, 2019: extended param 'guest_stars' for show/season's people
  • f9e0a0f aug 21, 2019: optional pagination for ratings
  • f0d4972 parameters requires encodeURIComponent
  • a7951e7 Merge pull request #56 from rppig42/add_properties
  • 35a4373 add seasons
  • 214180f add season type
  • 2ffcb2c Merge pull request #54 from sharkykh/fix-revoke
  • 8426d14 Fix revoke call
  • 3f21e23 bump to 7.2.0
  • f8c10c2 add 'season' to collections/add
  • 19772ab march 19, 2019: ignore_collected for shows/movies recommendations
  • e0f726a jan 25, 2019: /shows/progress/collection & /shows/progress/watched
  • 658646c jan 25, 2019: /languages call
  • 05724db jan 25, 2019: /countries call

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Open Redirect

vertig0ne avatar Jun 19 '22 22:06 vertig0ne