cli-edgeworkers icon indicating copy to clipboard operation
cli-edgeworkers copied to clipboard

Published 20 hours ago verified publisher icon akamai

[Snyk] Security upgrade akamai-edgegrid from 3.1.4 to 3.3.0

Open hkambham opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 658/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-6124857		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: akamai-edgegrid The new version differs by 50 commits.
  • 7d8942a Merge pull request #119 from akamai/release/v3.3.0
  • 544b327 DXE-1766 Fix dependency version
  • bec184e Merge branch 'master' into release/v3.3.0
  • 52403bd DXE-1766 Bump version to 3.3.0 & Changelog update
  • bf9a69e Bump axios from 1.1.2 to 1.1.3
  • 97284c6 Bump mocha from 10.0.0 to 10.1.0
  • 4302b52 Bump tsd from 0.23.0 to 0.24.1
  • ee5ccdb Bump uuid from 8.3.2 to 9.0.0
  • d87b924 Bump axios from 0.27.2 to 1.1.2
  • 2daf329 Bump tsd from 0.22.0 to 0.23.0
  • e9bfd79 Bump tsd from 0.21.0 to 0.22.0 (#105)
  • 2d14af6 Bump tsd from 0.20.0 to 0.21.0
  • b1effcd Bump nock from 13.2.4 to 13.2.6
  • 1c2aee9 Bump log4js from 6.5.1 to 6.5.2
  • 6a2a722 Bump log4js from 6.4.6 to 6.5.1
  • f18efe4 Bump mocha from 9.2.2 to 10.0.0
  • 0cf1dad Bump axios from 0.26.1 to 0.27.2
  • e058860 Bump axios from 1.1.2 to 1.1.3
  • c839f9f Bump mocha from 10.0.0 to 10.1.0
  • ab526e7 Bump log4js from 6.6.1 to 6.7.0
  • 463833a Bump tsd from 0.23.0 to 0.24.1
  • 8a5c044 Bump uuid from 8.3.2 to 9.0.0
  • 2b062ed Bump axios from 0.27.2 to 1.1.2
  • a3136dc Bump tsd from 0.22.0 to 0.23.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

hkambham avatar Dec 27 '23 17:12 hkambham