aliyun-egg
aliyun-egg copied to clipboard
eggjs
[Snyk] Security upgrade egg from 1.21.0 to 3.2.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 |
Yes | Proof of Concept |
|
761/1000 Why? Mature exploit, Has a fix available, CVSS 7.5 |
Denial of Service (DoS) SNYK-JS-DICER-2311764 |
Yes | Mature |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: egg
The new version differs by 250 commits.- 6a24fd8 Release 3.2.0
- 733d669 feat: update egg-multipart 2.x -> 3.x (#5023)
- 4857813 docs: update the version of the required Node (#5021)
- bbd0e43 chore: change the templates of bug/suggestion report (#5019)
- 64dd9fe Release 3.1.0 (#5003)
- 2c5ba48 🐛 FIX: Add config.httpclient.useHttpClientNext defined (#5001)
- 2ffb37a feat: Support urllib@3 (#5000)
- ff1850f Release 3.0.0 (#4999)
- a895b51 Release 2.36.0 (#4969)
- e0b93e0 feat: should log unfinished timing item (#4968)
- 7f1689f chore: typo CSRF on router.md (#4962)
- e31c09c chore: fix some comments (#4937)
- b0c17fd chore: remove git.io (#4940)
- 12755e2 test: Create codeql-analysis.yml (#4935)
- 8078917 chore: package upgrade and unittest fixture (#4933)
- a5a358c chore: fix contributors badges on README.md (#4930)
- 5b9d77d Release 2.35.0 (#4918)
- c1313f5 feat: dumpConfig add appInfo (#4917)
- 4e53091 test: add ChainAlert action (#4908)
- 32bef2b Release 2.34.0
- f97fe4a test: change error code assert (#4907)
- caacd09 feat: siteFile support custom control-cache (#4902)
- a7aa7f3 docs: typo fix on deployment.zh-CN.md (#4906)
- d3fe13a docs: typo fix on security.zh-CN.md (#4905)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
