supabase-react-query-codegen icon indicating copy to clipboard operation
supabase-react-query-codegen copied to clipboard

Published 20 hours ago verified publisher icon barrymichaeldoyle

[Snyk] Security upgrade ts-morph from 18.0.0 to 24.0.0

Open barrymichaeldoyle opened this issue 1 year ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		 Yes Proof of Concept
high severity 589/1000
Why? Has a fix available, CVSS 7.5		 Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: ts-morph The new version differs by 50 commits.
  • 061a3fe 24.0.0 (#1577)
  • d7bad92 feat: TypeScript 5.6 (#1576)
  • 1dcb8a7 refactor: cleanup string deindenation (#1575)
  • 81dc87d fix: getBodyText() doesn't work as would be expected (#1560)
  • 0d38985 fix: getDerivedClasses() isn't correct in some cases (#1557)
  • 308ae4c perf: switch to tinyglobby to drop 15 dependencies (#1558)
  • ccf1bd5 chore: fix ci (#1569)
  • 69f674d perf: remove mkdirp dependency (#1549)
  • 5e208c5 23.0.0 (#1548)
  • 1cf6a6b fix: handle removeDefaultImport with type only import (#1547)
  • b3d01c8 feat: Type.prototype.isBigInt and isBigIntLiteral (#1546)
  • 868755d feat: TypeScript 5.5 (#1545)
  • 2bee533 refactor: publish deno build to jsr (#1544)
  • 886ad69 22.0.0 (#1521)
  • eb9c24a chore: update contributing docs (#1519)
  • d24e2a7 feat: ClassDeclarationStructure - support static blocks (#1520)
  • ca77636 feat: `TypeChecker.prototype.resolveName` (#1518)
  • e8b5727 feat: `Type.prototype.isAssignableTo` (#1517)
  • e7799eb feat(BREAKING): upgrade to TypeScript 5.4 (#1516)
  • 92962aa fix(BREAKING): `Node.prototype.forgetDescendants()` no longer returns self (#1515)
  • 6fdf7d3 docs: fix typo in adding-source-files.md (#1490)
  • 871cb46 fix: MethodDeclarationStructure should write an asterisk isGenerator = true (#1502)
  • 715bd0d chore: fix build (#1504)
  • 930779a 21.0.1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption

barrymichaeldoyle avatar Oct 12 '24 00:10 barrymichaeldoyle