shopify-node-react-app
shopify-node-react-app copied to clipboard
[Snyk] Security upgrade koa-router from 8.0.8 to 11.0.2
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
![]() |
506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7 |
Regular Expression Denial of Service (ReDoS) npm:debug:20170905 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: koa-router
The new version differs by 50 commits.- 8fe1d54 11.0.1
- d2ad849 feat: allow set router host match (#156)
- 54a3198 11.0.0
- fdf7117 chore: drop node 12 from tests
- d0c6d8b feat: require node >= 12, modernize, bump deps
- 68253f6 fix(lib/test/doc): fix jsdoc and typo (#146)
- c6a8fc8 feat: add `exclusive` option (#129)
- 3454a7d doc: add comma for better understanding (#145)
- 13a634d Support symbols as route names (#143)
- 6ba3efa feat(deps): update minimal version from 8 -> 12 (#152)
- 6db0e68 feat(default-params): replace || cond with default params (#153)
- 6aca720 Improve path checking before route registration (#155)
- 4fb50ac improve doc for prefix method. (#151)
- 65414f4 * update deps (#150)
- 1aead99 doc: add header to refer to api reference. (#112)
- 05fe8dd Include type installation instructions in README (#134)
- 5cec6fb Replace user with ctx.user in param docs (#136)
- 90dd73c 10.1.1
- 904db98 Correct @ hapi/boom usage example (#128)
- fa48560 10.1.0
- e9fa04b Fix additional entry inejcted to params (#124)
- 344ba0b 10.0.0
- 89b7c02 Allow router.redirect() to accept external destinations (#110)
- 56735f0 v9.4.0
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons: