airtng-node
airtng-node copied to clipboard
AirTNG - Rental-by-owner properties fit for a Captain, implemented with Node.js and Express
Bumps [bson](https://github.com/mongodb/js-bson) from 1.1.3 to 1.1.6. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Deserialization of Untrusted Data in bson All versions of...
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The npm package y18n before versions...
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. ![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=mongoose&from_version=5.9.5&to_version=5.12.3&pr_id=aca90a2d-25e8-4e64-a28c-bae2a1316d34&visibility=true&has_feature_flag=false) #### Changes included in this PR - Changes to...
Bumps [pug-code-gen](https://github.com/pugjs/pug) from 2.0.2 to 2.0.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Remote code execution via the pretty option. Impact If...
Bumps [pug](https://github.com/pugjs/pug) from 2.0.4 to 3.0.2. Release notes Sourced from pug's releases. [email protected] Bug Fixes Sanitise the pretty option (#3314) If a malicious attacker could control the pretty option, it...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution in lodash Versions of lodash prior to 4.17.19...
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The ini npm package before version...
Bumps [xpath](https://github.com/goto100/xpath) from 0.0.24 to 0.0.32. Commits See full diff in compare view [![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=xpath&package-manager=npm_and_yarn&previous-version=0.0.24&new-version=0.0.32)](https://dependabot.com/compatibility-score/?dependency-name=xpath&package-manager=npm_and_yarn&previous-version=0.0.24&new-version=0.0.32) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [bl](https://github.com/rvagg/bl) from 2.2.0 to 2.2.1. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Remote Memory Exposure in bl A buffer over-read vulnerability...
Bumps [mongoose-deep-populate](https://github.com/buunguyen/mongoose-deep-populate) from 3.1.1 to 3.2.0. Commits See full diff in compare view [![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=mongoose-deep-populate&package-manager=npm_and_yarn&previous-version=3.1.1&new-version=3.2.0)](https://dependabot.com/compatibility-score/?dependency-name=mongoose-deep-populate&package-manager=npm_and_yarn&previous-version=3.1.1&new-version=3.2.0) Dependabot will resolve any conflicts with this PR as long as you don't alter...