wago.io icon indicating copy to clipboard operation
wago.io copied to clipboard
verified publisher icon oratory

[Snyk] Security upgrade fastify from 2.13.0 to 2.15.1

Open snyk-bot opened this issue 5 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • backend/package.json
    • backend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Denial of Service (DoS)
SNYK-JS-FASTIFY-596516		 No No Known Exploit
Commit messages
Package name: fastify The new version differs by 34 commits.
  • 2cfe0df Bumped v2.15.1
  • 74c3157 Disable allErrors in default Ajv config.
  • 854e150 Revert "correct typings for ready() (#2345)"
  • 6de8943 Add `PATCH` to `body` validation (#2351)
  • 65d0e5b correct typings for ready() (#2345)
  • fd94ad3 Bumped v2.15.0
  • 655f28f On ready backport (#2296)
  • 12fa714 Fix custom JSON support (#2309)
  • 39e2375 Bind error handler to instance (v2) (#2305)
  • 6b0ffc6 Bumped v2.14.1
  • bbd8265 Tweak haproxy config for issue #2036 (#2270) (#2271)
  • 34ba544 Fix: call preHandler on reply.callNotFound (#2256) (#2264)
  • f12f487 doc: doc example to use ajv-errors (#2254)
  • 6f108c4 Log clientError as trace to avoid dev confusion (#2241) (#2242)
  • 0f53a90 Bumped v2.14.0
  • faab48f http2: fix HEAD requests hanging (#2233) (#2239)
  • c9a101f fix #2214 (#2218)
  • 394d0d4 Support builder-style injection (#2209)
  • 13595c8 Bumped v2.13.1
  • 034e046 Fix for Link in docs/Middleware (#2192)
  • 32508fe Fix package-manager CI (#2189)
  • 8ba959d Fixes crash when using a non-standard error code (#2184)
  • 08e0a04 ignore fast-json-stringify in dependabot
  • cd0e639 Add google cloud trace API plugin (#2185)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

snyk-bot avatar Jul 31 '20 05:07 snyk-bot