[Snyk] Security upgrade chromedriver from 101.0.0 to 119.0.1

Open hypery2k opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- cli/package.json
- cli/package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	673/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.6	Command Injection SNYK-JS-CHROMEDRIVER-6049539	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: chromedriver

The new version differs by 77 commits.

de961e3 Hide private attributes from exports
379046e Update package dependencies
5b708ad Add tests for Node.js version 21
c99283d Bump version to 119.0.0
f6edc1e Add provenance
f43d7f8 Make install faster for update check
157d419 Add token to enable PR
09dd5b7 Bump version to 118.0.0
82a6380 Fix tag gh action script
ce13f36 Bump package version to 117.0.3
6c4011c Creates the intermediate tmp folder before attempting to copy CHROMEDRIVER_FILEPATH to it.
afe9bf9 Fix tag action script
13b621c Checkout during tag action
e77c025 Add create tag gh action
a81ea10 Fix version for action
2d6a5d6 Install dependencies during action
92e5845 Checkout on action
87e8749 Add action to create PR on update
48cb215 Fix typecheck for update.js
5bca510 Bump version to 117.0.2
c697320 Update update.js to do patch updates
0aaa6c1 Update github actions checkout and setup-node
1e4d2bc Fix install from pre-installed binary
91065a6 Remove install npm latest from build for arm

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Learn how to fix vulnerabilities with free interactive lessons:

Nov 08 '23 15:11 hypery2k