gitbook-pdfgen icon indicating copy to clipboard operation
gitbook-pdfgen copied to clipboard

Published 20 hours ago verified publisher icon lwchkg

[Snyk] Security upgrade fs-promise from 0.5.0 to 2.0.3

Open lwchkg opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 631/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.2		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: fs-promise The new version differs by 27 commits.
  • 7d73eb2 Deprecation notice
  • 600d149 Remove reference to unsupported `walk` function (#29)
  • 7bc0779 Version 2.0.2
  • c37c1e1 Merge pull request #25 from kevinbeaty/mz/fs
  • 88c9a34 Update list of mz/fs functions to proxy, add test for mkdtemp()
  • 3f53728 Version 2.0.1
  • 75fe5a5 Merge pull request #22 from SBD580/master
  • 90fd3d4 Move Types dependencies to devDependencies
  • b327d35 Version 2.0
  • 494658f Update .travis.yml (#20)
  • f2bfa76 Merge pull request #18 from dcharbonnier/master
  • 40a412c EOF
  • feff506 missing EOF
  • 5eaeeda add fs-extra definition
  • 1cd5808 add types
  • 7247d96 walk removed on fs-exta 2
  • 3cf4b30 Upgrade packages
  • a446589 Merge branch 'master' of github.com:kevinbeaty/fs-promise
  • 9ca4e5e Merge pull request #17 from RyanZim/deps
  • e2cd2bb Merge pull request #17 from RyanZim/deps
  • 7f84fa8 Update fs-extra to v1.0.0
  • 562b8c9 Merge pull request #15 from amilajack/patch-1
  • 289dc21 Added travis ci support for node 6
  • da24bc7 Merge pull request #14 from HugoGiraudel/patch-1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

lwchkg avatar Feb 07 '24 06:02 lwchkg