get-me-a-date

[Snyk] Fix for 1 vulnerabilities

Open hfreire opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| high severity | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS), SNYK-JS-ANSIREGEX-1583908 | No | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: sharp

The new version differs by 42 commits.
  • 7555378 Release v0.28.0
  • 80c95ee Docs: libvips tarballs are a bit smaller now
  • 31563b2 Ensure GIF input will work with future libvips v8.11.0
  • 861cd93 Pre-release v0.28.0-beta1
  • abb344b Upgrade to libvips v8.10.6
  • 6147491 Extend: default missing edge props to zero #2578
  • f1f18fb Docs: clarify that flatten removes alpha channel #2601
  • 9fc611f Docs: changelog entries for #2594 #2608
  • 34a2e14 Fix erroneous top/left clipping in composite #2571
  • 83fe65b Docs: include more relevant content in search index
  • ec26c8a Docs: ensure toBuffer pixel example works #2624
  • da43a30 Docs: correct typo in description of threshold operation
  • a38126c Ensure composite replicates correct tiles with centre gravity #2626
  • cb592ce Tests: add case for SVG with truncated embedded PNG
  • d69c58a Docs: add section about Linux memory allocators
  • bdb1986 Tests: run in parallel again
  • 55356c7 Docs: refresh markdown
  • a0f5525 Tests: a few more speed improvements
  • 013f5cf Tests: refactor modulate suite, ~20x faster
  • d5d008f Docs: reorder readme sections
  • 3b02134 Tests: update latest benchmark test results
  • a57d7b5 Tests: match concurrency with CPU count
  • 1a3c38d Pre-release v0.28.0-alpha1
  • 00aece0 Ensure id attr can be set for IIIF tile output #2612


Package name: sqlite3

The new version differs by 44 commits.
  • 573784b v5.0.3
  • e5a24fd Deleted `examples/` folder
  • b05f459 Added note about GitHub Releases to CHANGELOG.md
  • 33d0656 Modernised Usage example in README
  • 9d05c55 Fixed up more README nits
  • 08d6319 Fixed link to API docs
  • 0e2235a Altered wording in README
  • 76b6c56 Altered README header
  • e3df365 Updated README
  • 426930f Enabled CI to run when pushing tags
  • a21d41f Fixed uploading binaries to commit artifacts
  • bc978c7 Fixed CI step wording
  • 7f744a1 Added prebuilt binaries via GitHub Releases
  • b4b3c3a Deleted `scripts/` directory
  • 71bbdea Pinned dev dependencies (#1558)
  • a597383 Updated badges in README
  • 0eb4a0f Deleted Travis and Appveyor configs
  • b58d341 Downgraded `mocha` and `eslint`
  • f39b10d Added missing Node versions to CI
  • 8db96d4 Replaced Python extraction script with JS (#1570)
  • 11c988c Fixed Windows build architecture in CI
  • 8e63848 Updated Windows CI runner to `windows-latest`
  • d9e7d8b Fixed building on MacOS Monterey 12.3
  • 859b95b Updated `node-gyp` to v8.x


Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


hfreire, May 13 '22 23:05