[Snyk] Security upgrade rudder-sdk-js from 2.46.0 to 2.48.7
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  - package.json
  - package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
|  | 661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 | Uncontrolled resource consumption SNYK-JS-BRACES-6838727 | No | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: rudder-sdk-js
The new version differs by 215 commits.
- 727804c chore(release): pulling release/3.7.0 into main (#1703)
- d2e5fe0 chore(monorepo): sync versions and generate release logs
- e58b2fe chore(@ rudderstack/analytics-js-sanity-suite): release version 3.0.6
- 5454b88 chore(@ rudderstack/analytics-js-loading-scripts): release version 3.0.5
- c5eb782 chore(@ rudderstack/analytics-js-integrations): release version 3.1.0
- 4a1bfda chore(rudder-sdk-js): release version 2.48.7
- 5f4367f chore(@ rudderstack/analytics-js): release version 3.1.0
- 5d9f75a chore(@ rudderstack/analytics-js-plugins): release version 3.0.4
- 0c11299 chore(@ rudderstack/analytics-js-common): release version 3.2.0
- e85208b chore: remove duplicate config named eventWhiteList (#1652)
- 607c381 feat: add autoConfig support in FBPixel, add tests (#1702)
- c57cf82 feat: warn users on missing plugins (#1691)
- bb7e1df feat: supporting add to cart for criteo (#1696)
- 3543cc1 feat: added custom domain support in ga4 (#1697)
- ba33b9e feat: upgrade storejs lib and remove the patch (#1700)
- 695b229 chore: update all the sample applications to latest (#1695)
- 36a13b0 feat: add a patch for storejs to expose length of the store (#1694)
- f3a59a1 chore(release): pull main into develop post release v3.6.0 (#1692)
- 711180c chore(release): pulling release/3.6.0 into main (#1690)
- d19c0c0 chore(monorepo): sync versions and generate release logs
- 90cad53 chore(@ rudderstack/analytics-js-sanity-suite): release version 3.0.5
- c9a5928 chore(@ rudderstack/analytics-js-loading-scripts): release version 3.0.4
- c607507 chore(@ rudderstack/analytics-js-integrations): release version 3.0.4
- 74704da chore(@ rudderstack/analytics-js): release version 3.0.4
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
View latest project report
Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
Test Results
4 files ±0, 317 suites ±0, 30m 23s :stopwatch: - 2m 9s
1 143 tests ±0, 1 143 :white_check_mark: ±0, 0 :zzz: ±0, 0 :x: ±0
1 153 runs ±0, 1 153 :white_check_mark: ±0, 0 :zzz: ±0, 0 :x: ±0
Results for commit d5f4fb6e. ± Comparison against base commit cf7c36a3.