egg-init
egg-init copied to clipboard
eggjs
[Snyk] Security upgrade proxy-agent from 2.3.1 to 5.0.0
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
798/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.1 |
Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: proxy-agent
The new version differs by 24 commits.- 3f45710 5.0.0
- 31be875 Update "pac-proxy-agent" to v5
- dabbfb3 Drop Node v6 support
- 13b1544 4.0.1
- 8e6305a Fix type definitions to account for transparent proxy discovery (#57)
- 9963359 Add Node.js 14 to testing matrix (#58)
- f4d6ff6 README.md: Mention proxy-from-env support (#56)
- b9fcf37 4.0.0
- d18c6bd Update `agent-base` to v6 (#55)
- 4af6f5e 3.1.1
- af5434d Update "pack-proxy-agent" to v3.0.1
- cd18ccf Use `localhost` instead of `127.0.0.1` for tests
- 778ea05 Update dependencies
- 70ffd00 Meh…
- 1a1abb5 Use GH Actions instead of Travis-CI
- 3588645 Update `https-proxy-agent` to v3.0.0 (#47)
- 10ff67b 3.1.0
- 063ad8f Remove `package-lock.json` file
- 199f29f Add TypeScript types (#34)
- bfe9ec5 3.0.3
- d32e248 Upgrade pac-proxy-agent to 3.x (#31)
- d392bc7 Release 3.0.1 (#30)
- d67cb23 Update `socks-proxy-agent` to v4.0.1 (#26)
- 65fcf7a Release 3.0.0 (#22)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
