honeycomb-server
honeycomb-server copied to clipboard
Published
20 hours ago •
node-honeycomb
node-honeycomb
[Snyk] Security upgrade urllib from 2.38.0 to 3.0.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
461/1000 Why? Recently disclosed, Has a fix available, CVSS 3.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: urllib
The new version differs by 28 commits.- 53a32c3 Release 3.0.0
- 20944ee 📦 NEW: Support request and response events
- f01c264 📦 NEW: Support HttpClient with rejectUnauthorized
- 61a915c 📦 NEW: Support options.auth
- cb084d9 📦 NEW: Support custom lookup and checkAddress
- cc1c854 📦 NEW: Support options.opaque = object
- f07c9f8 📦 NEW: Support options.timing = true
- 70a75c6 📦 NEW: Support options.compressed instead of gzip
- 936bc01 👌 IMPROVE: Support Node.js 14
- eb6c319 📦 NEW: Support auto retry like HttpClient2
- b07a45e 👌 IMPROVE: Use brotli instead of deflate
- a8876f2 🤖 TEST: Big stream timeout
- 6b5a4f1 📦 NEW: Use request instead of fetch
- c1218c5 🐛 FIX: Try to use Readable first
- a67d9d1 🐛 FIX: Dont parse empty data to json
- 2882f0e 🤖 TEST: Error cases for stream and writeStream
- 57ccc7e 📦 NEW: Support options.streaming = true
- f2ca7eb 📦 NEW: Support fixJSONCtlChars
- f5390f2 📦 NEW: TS compiler both Commonjs and ESM support
- c3cc765 📦 NEW: Support upload file by args.files
- 70a238d 🤖 TEST: Use jest and ts
- 26c44b7 📦 NEW: [BREAKING] Refactor impl base on undici
- ec200b0 Release 2.38.1
- f343daa fix: ignore request error if request is done (#384)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
