nodeclub
nodeclub copied to clipboard
Published
20 hours ago •
cnodejs
cnodejs
[Snyk] Fix for 5 vulnerabilities
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-REDIS-1255645 |
Yes | No Known Exploit |
|
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599 |
Yes | No Known Exploit |
|
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600 |
Yes | No Known Exploit |
|
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601 |
Yes | No Known Exploit |
|
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: connect-redis
The new version differs by 56 commits.- c951850 v4.0.0
- 2df1368 Version 4
- 1d36eec Format code base and cleanup tests.
- a50fbcc Enabling Redis client error logging by default
- 5469fcb v3.4.2
- 3609797 Fix compatibility issues with ioredis + Cluster
- a2babda Bump devDependencies
- e8744e4 Session check verbiage reduction
- 2f4b9d2 v3.4.1
- b60d6ed Bump debug dependency
- 8b8c951 Require node-redis conditionally
- 98752e1 Mention redis-mock in readme
- 41ad8ca Add length method (#246)
- 67862be Release 3.4.0
- 2bc71c3 Ignore package-lock.json
- c04f1a4 Update dependencies (#243)
- be3001d Merge pull request #225 from rudfoss/patch-1
- 68e0928 Corrected session maxAge const path
- cc036da Release 3.3.3
- 5d7c0b3 Merge pull request #223 from ranjan14196/master
- 1b3e72b Fix issue #219
- 83c15e7 Merge pull request #222 from kevinsimper/patch-1
- 4971a1a express-session requires the resave value to be defined
- 93b5ce5 Release 3.3.2
Package name: validator
The new version differs by 250 commits.- 24b3fd3 13.6.1
- b986f3d fix: ReDOS in isEmail and isHSL (#1651)
- 2a3a1c3 13.6.0
- 1fa0959 chore: add typeof utility (#1648)
- cf403d0 fix(isMobilePhone): add Sierra Leone phone and fix Sri Lanka phone (#1558)
- 3f70b8e feat(isPassportNumber, isIBAN, isMobilePhone): add Mozambique locale (#1604)
- 05ceb18 isURL(): Allow URLs to have only a username in the userinfo subcomponent (#1644)
- 9ee1b6b fix(isMobilePhone): update china zh-CN locale (#1642)
- b82f4f2 fix(docs): typo in README.md (#1640)
- 615547f feat(isMobilePhone): add Latvia lv-LV locale (#1638)
- d006e08 fix(isMobilePhone): add support for new networks codes in GH (#1635)
- c33fca6 fix(isISIN): optimization (#1633)
- 2ef84e4 fix(isIP): validator patterns for IPv4 and IPv6 RegExp formats (#1632)
- 67a200d feat(isPostalCode): add KR locale (#1628)
- b65ddc5 fix: fix A-z ranges (#1625)
- 39830a9 feat: IR passport and identityCard, respect .gitignore files (#1595)
- 5d6db63 feat(isIPRange): add support for IP version 4 or 6 (#1594)
- a31c116 fix: update isMobilePhone validation for en-SG (#1573)
- 63b6162 chore: add gitter chatroom badge (#1592)
- bb0dba6 feat(isPassportNumber): add MY locale (#1574)
- 7989e5b feat(isLicensePlate): add support for pt-BR locale (#1588)
- 3c771e8 feat(pt-BR): tax id, passport and license plates (#1613)
- 418df05 fix(isMobilePhone): prevent allowing landline numbers in es-CO (#1623)
- 6262f62 chore: improving code coverage to 100% branches (#1624)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
