[Snyk] Upgrade priam from 4.0.0 to 4.1.0

Open snyk-bot opened this issue 2 years ago • 2 comments

Snyk has created this PR to upgrade priam from 4.0.0 to 4.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 2 versions ahead of your current version.
  • The recommended version was released a month ago, on 2022-06-08.
Release notes
Package name: priam
  • 4.1.0 - 2022-06-08
  • 4.0.1 - 2019-12-11
  • 4.0.0 - 2019-12-04

    Update min version from 12.0 to 12.3

from priam GitHub release notes
Commit messages
Package name: priam
  • 319e458 4.1.0
  • c395086 Expose Cassandra clients in connection events (#85)
  • 4add8a0 Purge vulnerabilities from lockfile
  • 93408ab Bump hosted-git-info from 2.7.1 to 2.8.9 (#79)
  • 1df5749 fix: package.json & package-lock.json to reduce vulnerabilities (#77)
  • 207ccdb Bump y18n from 4.0.0 to 4.0.1 (#78)
  • 6bf741b Bump yargs-parser from 13.0.0 to 13.1.2 (#76)
  • 618375a Bump lodash from 4.17.15 to 4.17.19 (#74)
  • 7e0f265 Security audit fixes (#71)
  • dc47dad Include error for queryFailed events (#67)

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

snyk-bot Jul 19 '22 20:07

Checkmarx AST – Scan Summary & Details 1879db01-7964-4515-a53a-c94e42e13b0f

New Issues

Severity  Issue             File / Package          Scan Engine
HIGH      CVE-2021-23343    Npm-path-parse-1.0.6    CxSCA
HIGH      CVE-2021-35065    Npm-glob-parent-5.1.2   CxSCA
HIGH      CVE-2021-3807     Npm-ansi-regex-3.0.0    CxSCA
HIGH      CVE-2021-3807     Npm-ansi-regex-5.0.0    CxSCA
HIGH      CVE-2021-3807     Npm-ansi-regex-4.1.0    CxSCA
HIGH      CVE-2021-43138    Npm-async-1.5.2         CxSCA
HIGH      CVE-2021-44906    Npm-minimist-1.2.5      CxSCA
HIGH      CVE-2022-24785    Npm-moment-2.24.0       CxSCA
HIGH      CVE-2022-31129    Npm-moment-2.24.0       CxSCA
HIGH      Cx62f5bb1b-fa5e   Npm-moment-2.24.0       CxSCA
HIGH      Cx89601373-08db   Npm-debug-3.2.6         CxSCA
HIGH      Cx89601373-08db   Npm-debug-4.1.1         CxSCA
HIGH      Cx8bc4df28-fcf5   Npm-debug-3.2.6         CxSCA
HIGH      Cx8bc4df28-fcf5   Npm-debug-4.1.1         CxSCA
HIGH      Cxb3ca64d2-9cd1   Npm-mocha-7.1.1         CxSCA
HIGH      Cxdca8e59f-8bfe   Npm-inflight-1.0.6      CxSCA
MEDIUM    CVE-2020-15366    Npm-ajv-6.10.2          CxSCA
MEDIUM    Cx65603961-769c   Npm-debug-4.1.1         CxSCA
MEDIUM    Cx65603961-769c   Npm-debug-3.2.6         CxSCA
MEDIUM    Cxbd6f2b91-dd38   Npm-debug-4.1.1         CxSCA
MEDIUM    Cxbd6f2b91-dd38   Npm-debug-3.2.6         CxSCA

jgowdy Jul 19 '22 20:07

Kudos, SonarCloud Quality Gate passed!

A 0 Bugs
A 0 Vulnerabilities
A 0 Security Hotspots
A 0 Code Smells

No Coverage information
0.0% Duplication

sonarqubecloud[bot] Jul 25 '22 19:07