flickr-set-get icon indicating copy to clipboard operation
flickr-set-get copied to clipboard

Published 20 hours ago verified publisher icon lmammino

[Snyk] Security upgrade prompt from 0.2.14 to 1.2.0

Open lmammino opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes No Known Exploit
low severity 324/1000
Why? Has a fix available, CVSS 2.2		 Uninitialized Memory Exposure
npm:utile:20180614		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: prompt The new version differs by 79 commits.
  • fbf6dac 1.2.0
  • fef3933 Move off abandoned utile dependency #213
  • 33febea add eslint
  • c071b85 Merge pull request #198 from caub/1.1
  • 88c403e 1.1.0
  • 756fa65 Fix inconsistent options.noHandleSIGINT for windows
  • 8d5495c Merge pull request #196 from caub/promisify
  • 33ddf56 prompt.get promise: add test, update readme
  • b92a9a9 promisify prompt.get
  • 0ff93b6 Merge pull request #184 from dsych/windows-sigint
  • 9e80863 triggering sigint on windows
  • 1c95d1d Merge pull request #171 from blahah/master
  • 65ac6e2 Merge pull request #172 from Shank09/Shank09-package.json
  • d03edd0 Added missing keywords in package.json
  • df42a26 Respect falsy overrides (fixes #151)
  • b732102 Merge pull request #169 from jordanyaker/master
  • 6ebf54a Removed the pkginfo dependency. Updated the required version of winston.
  • 7d1a28f Removed the pkginfo dependency.
  • d550674 Merge pull request #163 from Eagerod/fixer/add-properties
  • 9b5f65b Added a test addProperties() with no parameters.
  • fb83773 Fixed an issue where the first parameter in a callback would not be the
  • e7b5449 Merge pull request #121 from rubbingalcoholic/master
  • e493cb8 Merge pull request #153 from devrelm/devrelm.function-defaults
  • 3046431 Merge pull request #156 from littleguga/master

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

lmammino avatar Nov 30 '23 14:11 lmammino