zeronet-tracker
zeronet-tracker copied to clipboard
Published
20 hours ago •
ZeroNetJS
ZeroNetJS
[Snyk] Fix for 1 vulnerabilities
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: simple-websocket
The new version differs by 63 commits.- ed2d9cc build
- 1dd9767 8.0.0
- d7dc077 babel-minify is a dev dep
- e344a43 BREAKING: refactor to use ES class
- 1a530e7 uglify-js -> babel-minify
- fd7d7a7 7.3.0
- a8715bf Update .npmignore
- d784906 Merge pull request #55 from feross/greenkeeper/airtap-2.0.3
- 2aa1f80 Update package.json
- c7b962f chore(package): update airtap to version 2.0.3
- 908290d Merge pull request #53 from feross/greenkeeper/ws-7.0.0
- 21cb095 fix(package): update ws to version 7.0.0
- 0ff391d Merge pull request #47 from samuelmaddock/metastream
- c07a3e7 Merge pull request #51 from feross/greenkeeper/readable-stream-3.1.1
- 78d96d1 Merge pull request #50 from feross/greenkeeper/debug-4.1.1
- 45df608 fix(package): update readable-stream to version 3.1.1
- 092109f fix(package): update debug to version 4.1.1
- 6600fe2 Add Metastream to projects list
- 71eaac5 build
- cae39e9 7.2.0
- b3fed92 remove safe-buffer
- 4807d7d Merge pull request #43 from feross/greenkeeper/airtap-0.1.0
- 8133ac1 Merge pull request #42 from feross/greenkeeper/ws-6.0.0
- f0e5aec fix(package): update ws to version 6.0.0
Package name: ws
The new version differs by 250 commits.- f5297f7 [dist] 7.4.6
- 00c425e [security] Fix ReDoS vulnerability
- 990306d [lint] Fix prettier error
- 32e3a84 [security] Remove reference to Node Security Project
- 8c914d1 [minor] Fix nits
- fc7e27d [ci] Test on node 16
- 587c201 [ci] Do not test on node 15
- f672710 [dist] 7.4.5
- 67e25ff [fix] Fix case where `abortHandshake()` does not close the connection
- 23ba6b2 [fix] Make UTF-8 validation work even if utf-8-validate is not installed
- 114de9e [ci] Use a unique ID instead of commit SHA
- d75a62e [ci] Include commit SHA in `flag-name`
- a74dd2e [dist] 7.4.4
- 9277437 [fix] Recreate the inflate stream if it ends
- cbff929 [doc] Improve `websocket.terminate()` documentation
- 489a295 [ci] Use GitHub Actions (#1853)
- 77370e0 [pkg] Update eslint-config-prettier to version 8.1.0
- 99338f7 [doc] Fix `data` argument type (#1843)
- 223194e [dist] 7.4.3
- 4e9607b [perf] Reset compressor/decompressor instead of re-initialize (#1840)
- 2789887 [minor] Use `request.socket` instead of `request.connection`
- 2079ca5 [test] Increase code coverage
- d1a8af4 [dist] 7.4.2
- 48a2349 [pkg] Update eslint-config-prettier to version 7.1.0
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
