nodeclub icon indicating copy to clipboard operation
nodeclub copied to clipboard

Published 20 hours ago verified publisher icon cnodejs

[Snyk] Fix for 1 vulnerabilities

Open snyk-bot opened this issue 5 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 776/1000
Why? Recently disclosed, Has a fix available, CVSS 9.8		 Prototype Pollution
SNYK-JS-LODASH-590103		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: ioredis The new version differs by 112 commits.
  • c941362 chore(release): v2.0.0
  • c735dcf docs(CHANGELOG): v2.0.0
  • 236da27 perf: improve the performance of checking flags (#312)
  • 5c2e119 chore(eslint): upgrade eslint config for the new version
  • 423f91f Fix typo in connection test file (#311)
  • 3d6c811 docs(README): update contributors
  • a0d5b25 feat: include source and database in monitor events (#308)
  • 6ee56b2 Merge pull request #300 from dguo/patch-1
  • fc616b5 docs(README): add warning for key prefixing with some commands
  • 79b9feb Merge pull request #299 from spiffytech/master
  • c9a6f91 Add example of changing Redis server config
  • ce50f9a Merge pull request #297 from TeeAaTeeUu/master
  • 8ea5004 set 'dropBufferSupport' true for temporary connections in sentinel_connector
  • eb21cf2 chore(release): v2.0.0-rc4
  • 8bf2735 docs(CHANGELOG): v2.0.0-rc4
  • 9e08f01 test: fix test for auth
  • 097fdbc feat: print logs for unhandled error event
  • be8d28e test: fix test for select command
  • a87f405 feat: add support for Node.js v6 (#295)
  • a5acc61 Merge branch 'feat/auth-error'
  • 56cb047 Merge branch 'master' into feat/auth-error
  • dfdebfe fix: won't emit error again when password is wrong
  • 8f3bb6a fix: dropBufferSupport not support selecting database
  • 3561fab fix: reconnect when ready check failed

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

snyk-bot avatar Aug 21 '20 03:08 snyk-bot