MEANcore icon indicating copy to clipboard operation
MEANcore copied to clipboard

Published 20 hours ago verified publisher icon mrdav30

[Snyk] Security upgrade puppeteer from 10.1.0 to 13.1.2

Open snyk-bot opened this issue 3 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 611/1000
Why? Recently disclosed, Has a fix available, CVSS 6.5		 Information Exposure
SNYK-JS-NODEFETCH-2342118		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: puppeteer The new version differs by 190 commits.
  • 0a9eb3c chore(release): mark v13.1.2 (#7925)
  • e4c48d3 fix(package.json): update node-fetch package (#7924)
  • d80d602 fix: types in Connection.ts to be compatible with strict mode Typescript (#7919)
  • a8ec0aa fix: types in Browser.ts to be compatible with strict mode Typescript (#7918)
  • 08c0e8b chore: bump version to v13.1.1-post (#7913)
  • f108560 chore(release): mark v13.1.1 (#7912)
  • 344feb5 fix: use content box for OOPIF offset calculations (#7911)
  • c09522a chore: bump version to v13.1.0-post (#7909)
  • 80d6b84 chore(release): mark v13.1.0 (#7908)
  • a55c86f feat(chromium): roll to Chromium 98.0.4758.0 (r950341) (#7907)
  • a566263 fix: apply OOPIF offsets to bounding box and box model calls (#7906)
  • d7937b8 fix: error for pre-existing OOPIFs (#7899)
  • 486bbe0 fix: correctly compute clickable points for elements inside OOPIFs (#7900)
  • 59578d9 chore: bump version to v13.0.1-post (#7866)
  • 71cef32 chore(release): mark v13.0.1 (#7865)
  • 8d8e874 fix: make sure ElementHandle.waitForSelector is evaluated in the right context (#7843)
  • 1c44551 fix: predicate arguments for waitForFunction (#7845)
  • 36207c5 fix: disable a test failing on Firefox (#7846)
  • 3e3a90b docs: fix typo (#7839)
  • acdc67b chore: bump version to v13.0.0-post (#7833)
  • d0cb9e2 chore(release): mark v13.0.0 (#7832)
  • 02c9af6 fix(types): revert "feat(typescript): allow using puppeteer without dom lib"
  • 8242422 fix!: typo in 'already-handled' constant of the request interception API (#7813)
  • 71cc1b9 refactor: remove unused promise (#7830)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

snyk-bot avatar Jan 25 '22 16:01 snyk-bot